Overview

overview

4

Static

static

1

EFTAdvice.htm

windows7-x64

1

EFTAdvice.htm

windows10-2004-x64

1

attachment-2.rtf

windows7-x64

4

attachment-2.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2023 00:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    EFTAdvice.htm

  • Size

    254KB

  • MD5

    28cbef8d9c48d1cf358bd42b7fd3f6cb

  • SHA1

    548396eb4aa75c524d8abfe8e08efac5f0609c12

  • SHA256

    c3148d03ad3aeb6e3ddc6bb206fd0002e60ec4fe1728ff6ae42bba9496bb269b

  • SHA512

    ae0e05dc54b2e7f70bc8e6850cf1f0f133dbea5bec61e59c0cddb9b8e3b6ccca039e8ba8000a70f034b6604da1588bc5d0a82b35f842b2052f971f3c96507ec0

  • SSDEEP

    1536:3aQtddmn7JiIjCGfkMOfUzh+TyuUzifdEXYmqcCcdRjZDOO3/jpjW0/51w/a1fIp:qQo7UBcROs1+hVDcDdT31nRf1iTD/L

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\EFTAdvice.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2436

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    85474e6cb52780d5b9955eb56a000152

    SHA1

    09f3fe8d8703d212527a076e5b654886d92097da

    SHA256

    b04910a448fc7944aa7d2166800765d2d8b43f78227f27fd4ff486ee507ba347

    SHA512

    fd71a6fa719789cadb85389c837700b8287a3b72c42b66df47dd92be9c2212d3872fc972fe4cf749baa53da3a5a5b0b5cdb362083dd9614fc863889519d21297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b9e7f045707df31fc477b43e4b3f6c0

    SHA1

    2b89bcc8518eb005cb52268b8f590489fe5470a0

    SHA256

    b5ef3d2e039825e6a3ac670b9398ef003f5d70052e7bdc4ac359ca18f3f8d287

    SHA512

    5a6cc64d1f91037b19f4f0f22b7576b7e0435abd8f9d8e99e2ccae7679f667b4c019294a32083eef1eb7035fcb8a793d85144a943e811bb06e06155a92ca7c0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    144d498fe215e30f809265d415a7506e

    SHA1

    7eaa0dd46d711f11ff5c6b964add24e7eadfa1e8

    SHA256

    7e53a8de4a56ec71f10c3c254d6f6e858b73205553598465991db79d26e70a50

    SHA512

    d0fdd60303ce0a063f8a7141703816cb992744f1ff96d9fa2504091ae8d6df755147f97b5e908bfa534a5e2f1bd1083615677813e543c70e6113417e49eca602

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0158b0c852441c9a230ec7fa28d7372e

    SHA1

    57c0e0db0e2dedbe4cfc2588640084f8b6dee5c0

    SHA256

    a30ceec69584f020261bbd4d3e40aa1ccd7e3157bbf8135495b2622517413202

    SHA512

    8068271b1dc7ea9e8dba03703c6e0fba41dea7f5c16036f4cd7834790e5af2388663dea1a89516316b0b47b8b72df9c9615cc1801e5e33e8fb5099c75bebaa05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    287643f107893906fe3236a0b7218edd

    SHA1

    54105166acafe9d1fdbfac20dc0937d078259aec

    SHA256

    a4f7e5c51fcabf56a6cb5f8366fd45b71ad0175545d5568607ff20ae523e326b

    SHA512

    4e3a41ac7e9578497dcf1e191a25530b039a6c30980fbef347401655f95e1ee4bf4511c735c1553d79caea9030d497620c801d6d1eecaa3b39eae354a3bd8148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ba98f0c8fe05f221b2376d405a78532

    SHA1

    3e149b6b7312d9e1bc0ee7b9a188031b89b5ab9d

    SHA256

    a7b9a41d579dae416bf2916d0285115f2789aec8a3860e10e428ea46d70e085a

    SHA512

    5279166470d7badcdefc0bf387a2f1e009f7b620ff11e8f34e7f484de7b31ab8ce3e40042e9a5f286672405601f6d88cbe4d9c63f5ab9beb1187154d33906126

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5c0d64c8b914c7d32a403586065b284

    SHA1

    b959199b7c930dd197681dfa0ce0376562a4d7a5

    SHA256

    3a7b9a7aebc20cb5fcfa9999e5c52ce33c991f263c3c48690c4b6b5c7603853f

    SHA512

    5a32b430e6429f62a3f3dcd26bcce8aa6a1f928a7fc499e1a84071478d50e75354d79b870c28bb457ebccca5ed581e0253f17de3c3374b11cec6f5cab2c50efd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3bffbe5284cf517a2fcc4cde63b4f8b4

    SHA1

    cada686f4910670506ec0ee26a96cea24b9ce271

    SHA256

    a6d2e08d96a942d961ee99075b852c07270b5969d35dc1bd1168f7b4d8699c2d

    SHA512

    b7b771acab8913f82615c8151d8e20663bc49894ea92cb92733d344fee20b0474fbbfb31086110ea48007e83b62f1c51add197ab283a0646b96f6a7df1a36d37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30b191d1657e7ee7361c68f24f1997ca

    SHA1

    af16523e931834484dbce515524a06c19a6cbb39

    SHA256

    e78df8ea9d9d63f4acf32fc189f4410179b9fdbf5917b9f9179c076991c7deec

    SHA512

    81e555da9c7a957452e4bc128adaa18e8cc6346bab3995237ea8d1ffc7073d8612a7572d1153e147ebb92d43e59aad7d6f16680867562dcbc8ba3d67c637d7df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8f62ec58e81f4ddaa0e3ff8c00b80e9

    SHA1

    241c7523d5bc01c4c7a346559fca0100ea53b5d9

    SHA256

    8d3fd862a803695fed4d914fd433425860e6d06eff3cc5b9c886ba2d1ae8b1de

    SHA512

    a0889bc67311b841dcae8466662a563d917406728f6188f8eab5bfca4f39d3d38588cfeb536393acb345940f908633861f92cf1894ba397467b06972403c4c21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f2122cc18a080f092da7b8a96fb7aea

    SHA1

    92e8251de94e3d7cbf0aef7c44a0feaf2036e4c1

    SHA256

    d1c93900d691693c6c4d5ec2255272ab130e3228b78df2c59afc9556663429b8

    SHA512

    04c147a321adce2965c074b9fc7e5882471bc5d6912ef25c6e6149b131a41221969a7b794d587d2af1f9c0b66b8d1bdd1903ad8431cd97067f143c46bc6479b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de9e05bb2a23dbe53b8f2cd1dba83bd0

    SHA1

    636abaed95509789783f51734cbf586d8bdfdc6e

    SHA256

    19f87592bb17fc0b28f357b1643d6f052d6124bccbf09a204563ce19ae6bcfb8

    SHA512

    52853fa73680ab175f0e31f3178d595a2e0f9a138c6a5b351810e42d9a242e1419b2a9a179501c6c0047230d92a50098792e2dbbdc98fb91f8810b3bc1a85237

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c393ad2d0895a03f072cbe1654a427a3

    SHA1

    bdef05cd21165920c704730aebf0e64d293d27ac

    SHA256

    622ca69fb6213adc557f5ba98e413762e33662f8c62640a1d460986c11b1c6d4

    SHA512

    fa34a0a84956bbb88aa8a39ff2d6c5aaa5effb5bd966d2198b1b04f7685fcf2e36706cbfdb90cc92a9f8f79bc9b63ce52169a06363130fb29c70b00cf6edafaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b08c430817ea2f3ce2a1eab4579e5bb8

    SHA1

    4e153df1242ba8c02c92571f79c019482cf7f5d5

    SHA256

    9ca7b1df3d49244a77c25b1951100288c5a6b649fc285aa1c8cfe1fd5b445567

    SHA512

    381eeeecb55c41143f2e54a63a0ccf024e5ac0c490251cf7479568aa5ff18e34c54e6ee1e1f9263194ee64ee0f7d82ec57fccd40b745e91b8c493468aca03dc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4a30e9cbd76dec07b783cd81b76d148

    SHA1

    80be7d963e2fe008f41e504f5d781e4bfde96873

    SHA256

    a70ede12350176c13532836315ab30349075feef10efdf793b7e6daf39031501

    SHA512

    669eba05b1d0069ad64f713cedd23662aabcdccdc385c2c9f92b4d219b55cc1588a517da6d79cc772a5beb0d30313ba22349c4708c59e31eecf68e50161b3527

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f40be87c6dfa2a026ae8206b69274de

    SHA1

    cb0d25292ab8c3134c3553c4755051b55af1e228

    SHA256

    9a1a071075f3c5d8665700ec1618f2c421b04fa9b5e3b20a6dbbc10a7beb302a

    SHA512

    8815cae9d871f3192180da7cd9ece21929df99e6f8aa6c71ee58bba4264a6cc5ff1569c1596a57cd519a8996a2b6ade67736a7edcbb8d88a25087124797b2795

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab66C1.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6723.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit