Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    300s
  • max time network
    258s
  • platform
    windows10-1703_x64
  • resource
    win10-20231020-en
  • resource tags

    arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system
  • submitted
    20/11/2023, 04:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    888377f356f2831a85a6ce816c5955c6b8e908a57f5fc59fb41c2ade78a6bf22.html

  • Size

    73KB

  • MD5

    6f7acca55a57fa7b9eac3ea484935135

  • SHA1

    9dc3ffbf36ace5d81917e90e7b7944f8f066939b

  • SHA256

    888377f356f2831a85a6ce816c5955c6b8e908a57f5fc59fb41c2ade78a6bf22

  • SHA512

    c0b49979b8068a64e41e7af4854bb78aed837893fc5812f1dabe37c392907babfc0dc542b5f6cb17fcc514455be7e74667b1f688a15f2f7c95947416a69a7bdd

  • SSDEEP

    1536:dPvhj5dJtXy3sRjFdbQRGRpItR7dBrYoAlc5bZOmM9:O7BrYo3G9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\888377f356f2831a85a6ce816c5955c6b8e908a57f5fc59fb41c2ade78a6bf22.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:860 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3460

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    7bc1352ddba5108aad2ba4f8dc7fd138

    SHA1

    115f349b60dbda0a5be6546362a4561755ee66ec

    SHA256

    5880434d7a59152766862a06d0a20ef7a07c983bea04471bfc43f56ec530ec12

    SHA512

    0ec0c8fdf933fff74ad0f549bf0bc8aa42d5dfb160fda7169a09db7eb35e68890c2ce90a9f9c143f19f9d832f7c19794602a83ae706ba122c39604d89e7eb113

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    c131f7ff99186d764346a01d129b6df9

    SHA1

    785ad71670beb2aed1f4f304a38f7db7d57f0d2b

    SHA256

    5366c3508cbee95d406ea789ad360e171e15bf829585fd70108dc5b8306561e6

    SHA512

    4421a188ba2c760be9714882d89b5b80bb3dc8a865e33b137f627f147fd168bd8bd37f3997430b2edcac2712f09b505171fa8377cf3cd6c8f57c2d5239acb36e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver1364.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\XZVGCF99\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\YRM400D6.cookie
    Filesize

    541B

    MD5

    829fe173cb989d253f74c1151d65fa5b

    SHA1

    ea81632c6f083b834657dd1122ac21680affe5b5

    SHA256

    0963e2600e69f5be2c3e99853205db81d3dff9ce6dbaa33b58b132ce9ee4fff7

    SHA512

    102af71f5acfe68f304dc492d3fdfdb1725d52093d84a96ea799c16071c3322bfac960e9d5ab09a594acdd88d3ef7c35830dd8d3be9d425824a49bed46417310

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\Z2N0LUP6.cookie
    Filesize

    541B

    MD5

    f2f11e6d8609332361f793bfd283ec3d

    SHA1

    030e263393bf8523c1044235618d4eaba31e9a9e

    SHA256

    dd5fecebf68926129a8b269fc66108b47e2069d5dbbf945887acfc29098d0423

    SHA512

    18817a773068d338c6eb2f107b89a8029b56efc1d547e96bd6dff1b2aab1aaf0fe242eee30284fb79b55f2459fb418cdc282721eb8103ddc06a364f7afe263ad

    Download Submit