Overview

overview

1

Static

static

1

0c7fa3cf0a...0.html

windows7-x64

1

0c7fa3cf0a...0.html

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 06:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0c7fa3cf0a9c7858332687b7609ac7e0.html

  • Size

    57KB

  • MD5

    0c7fa3cf0a9c7858332687b7609ac7e0

  • SHA1

    fa50d26471184e08f38f7143ee7dcd72711eeb41

  • SHA256

    e61b2c154f11bb6413c38c5ca42489006b3040e7e2a0e57193ec3d11b78585dd

  • SHA512

    6757e3761ad7cf632ab087025ec1ad778e6765a20a19b602c0027d52fd3abf95011a3b456ea3d84f6b5757ec6a498e3dfaba178b4a682627cd22eb942aa4a177

  • SSDEEP

    1536:ijEQvK8OPHdsA1o2vgyHJv0owbd6zKD6CDK2RVroxawpDK2RVy:ijnOPHdsR2vgyHJutDK2RVroxawpDK2m

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0c7fa3cf0a9c7858332687b7609ac7e0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:17410 /prefetch:2
      2⤵
        PID:2896

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\9ALL181V\suggestions[1].en-US
      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Q15AV1NQ\f[1].txt
      Filesize

      34KB

      MD5

      94baeae5a431d3f4b6a82c4a91f59511

      SHA1

      42afc199c30c4adf7d69bb10cc1b7674102cad6e

      SHA256

      df5d165b5af8ba63c3b606253a8c73dbdc132bc66153c867b4acbe47efa55f0b

      SHA512

      866c5064e7a88ff99696a64ef6cb3a770db74ae99d773754613422f6fc4d850eb32945d57aabcd0cbdbb9bec74ab2627a7d7a0cd14bd465086db0083756f0017

      Download Submit