Analysis

  • max time kernel
    138s
  • max time network
    269s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/11/2023, 17:33

General

  • Target

    email-html-2.html

  • Size

    5KB

  • MD5

    ca140e60feaadb0094174e21dde8aa8e

  • SHA1

    5abfe8aa539c4b6bebfaf814f0ec39a665ed62c0

  • SHA256

    6156a73d489fc2a40ea51b5bd1d071684dfa10868c4f7cd7e08a35bbaf6426ce

  • SHA512

    49bf9bcea8334af72dd26418b1f8904135d9ab5c9f823553bf8561ba0055bb5bdbb26d34e70824de92a15870af3b279e931baa0ae85c16d417efc85ff4c3666a

  • SSDEEP

    96:ROZHeqJ6MPMbGFerf/33q0aO2KZKcEh78eONNNNNNNNNNNNNNNe4Pbq1+Ued9PVi:W+qJhUa+XHnZ4vZJ8fm5P2Ur

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1892
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1892 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3524

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    6ab41675ee418fde7cbb9bb635ddc2cd

    SHA1

    efcbdf27b880938d7ffec16797854b197ff617d5

    SHA256

    84dee75132b94524ad3372b2a3e072c11ff453cb334829a93864322da8d414eb

    SHA512

    2748cc8662ad4e11bd807ed845b2477d055624bc61bfa457ad8c600034b28ee2446b8e40fcdaced77f9afada4ca873b54a13b83a3a9992c2eb9da89bf9ce8e92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    404B

    MD5

    894e58590dd6c5c00e4d5e59f8739c1e

    SHA1

    51883758bd5164f291c90f67e1797570d778302f

    SHA256

    246d4615487fb81f699cc851054deaad9879daf796cadd08309cfe24bda2a7bc

    SHA512

    2da52ab3f02b8caa27d5e14fe94f543164432f5359f608f56981d54c5f3dd241d03552068f07ea0f8597cd0d6ea3524ba18c75180130a29782cc3ab7539d6764

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5T0U3BIO\suggestions[1].en-US

    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee