Overview

overview

10

Static

static

10

1177334953...8.html

windows7-x64

10

1177334953...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    14s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    23/11/2023, 19:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1177334953533513768.html

  • Size

    10KB

  • MD5

    ba5a9205e5231591d9f109fac78e011a

  • SHA1

    d69a3afe56bb17dcfcc94cdc5a34d253a31c49dc

  • SHA256

    1dcdd4a00b623863be456798139f9b978e084a6a4fefe38e18cdee1987eb683a

  • SHA512

    84693102131171f59936855d19284f5ac3c9578718aff70d0cd6fe04974f61b37b48a288eaa88e0d98cbb2c6b7a0e9809a9a7acda8d769e067e339ce7b553333

  • SSDEEP

    192:mMBJwRr8NKeW1HEadrf+LCxKIO3y/vY0yThrHtSCw:Z7wRgKeW1HEqf07/y/vY0OhrHtSt

Score
10/10
taggie_berm_you_are_it

Malware Config

Signatures

  • match_everything 10 IoCs

    This rule matches all.

    taggie_berm_you_are_it
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1177334953533513768.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9946c563d183c9dbd79a5b58fb02d38

    SHA1

    e7cdeccdfaf83e0f5c1382708ec9c121c8154aa5

    SHA256

    3351602ec5fe1aa35d3a2b2649ea3fa0ad14c41aa9372d2e444e5835aaed0e17

    SHA512

    625ac64f6dc0157933c9a683637496b90970ceae45ad80c6c7cdb2085a6b664aa767b8f9942b1026f7816d02f1f55c0c3961f50f6ad86b01ce53a4b1881e38c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10c4fa6a40591a0a3e2d3359815a8f1b

    SHA1

    63a6622ff51762e3d63fc81f236d79eb44fd4d2d

    SHA256

    44d338f3896e090b5f8959bf73adf4423037a835e098a67befb6bfbbb6b64fc6

    SHA512

    337a6cbb1c63a1b31b86f08bed57877bf342dc86860f362ec027b09ab1af57177f87a62cda9fc61cabc0a807dd08f1800bc1c0b14173b95af67527c4b56f4587

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9128a3997b07d2303fe7c9776ce213be

    SHA1

    839fdc90172f77e396f03e8a8609b49b303c40ed

    SHA256

    a785fc597e5a235b326d15f045ecb4eac50dfae81eac81460dd2c8d6da5264ae

    SHA512

    7ace2e77be33db29a33bedbc0701926b54f394d0721a46a5b327c55b91f714894c4fa1d1b7eefda490c1cfc437769334d5f3e1c8b5a3daaa9188059c8c97b5d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44aad1be96f62dc64feeadfef40c9969

    SHA1

    093e75182393b9cadb99d3c3c97103c6f5e0a5a0

    SHA256

    1efad71be2951df9cc9746f4aeaec133bf1117ea27b560f5078492773ca7cdce

    SHA512

    f3bd0f42119ecf9b7030489859162025ef4672fc3938f4952c12e9e26b4604970fe8b19fe4f0eec6ec12adbab9e5e5b31d55e28f455a3676f49fb8c9687b1bc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48a41e97e0ef454d48a1074f22d6283a

    SHA1

    83a44f2581bbbe15daa15f9e094b7f4234c411c1

    SHA256

    4edba990b9da374e950c2b25641c07ef399a71450834df270e24b836061c2acb

    SHA512

    098262ac8a27abbfa5bbca5cf77396fba43c6efecf83bd5078d81151f023835a789d92317e54871fe85cc9ca9bc562755c1c21788d9b4d40c4d3547f690761c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78657ec0258c8c6f384f66290540d168

    SHA1

    7a339ffb16b7734686294fde4ecea16761dc747d

    SHA256

    3ef3389d0eb6a542d0a4e76bff5f4638623df8208d131beac03c5fa32019645b

    SHA512

    888d4b33df87226cb3b98ba406fd2e5e96ce1e075cc706402c3ecd46e32859ec63f2211d7f1130c8523659f78f85623e280fedee88f2850e5ec298b9605fa913

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ad03282f87954764532d75926725d98

    SHA1

    8074b8722f88cd6b252a5a1324af1c49aa2c02bb

    SHA256

    0cb50144e92f08d98072b91ee6c663255e814bc4323600391ee0b42414df9b1a

    SHA512

    7826de9b67a0011d455e431259cc8c651748113e294d4e1675cdc2fa7a5aef3ce5e2f10dafd3656b545ed11b0b30b8313b8c85088208dbdca5981a88dc24238a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ad03282f87954764532d75926725d98

    SHA1

    8074b8722f88cd6b252a5a1324af1c49aa2c02bb

    SHA256

    0cb50144e92f08d98072b91ee6c663255e814bc4323600391ee0b42414df9b1a

    SHA512

    7826de9b67a0011d455e431259cc8c651748113e294d4e1675cdc2fa7a5aef3ce5e2f10dafd3656b545ed11b0b30b8313b8c85088208dbdca5981a88dc24238a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA4DA.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA53B.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit