Overview

overview

1

Static

static

1

29b97ec54e...5.html

windows7-x64

1

29b97ec54e...5.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 15:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    29b97ec54e7ff01035f42c8cc6653f85.html

  • Size

    73KB

  • MD5

    29b97ec54e7ff01035f42c8cc6653f85

  • SHA1

    f4d50dcba97d5c3c2f4196ed0e04007667b10d51

  • SHA256

    16f63ad25ae0bca19548c01662a3aa9855d2697bb43a43857d5e6698d360973a

  • SHA512

    8e9a66eb72c3f4306723fca7e4c6703c0fb74cf8f8cd34302a971804fbc08901041a25a2c4ae8c5941a297b7314fee68cc6db151cd5a7bafd8b2f1e44cbb2d03

  • SSDEEP

    768:AWpOrFWN2asoljFIYgIofylwHp6/eC62PX+qSK9XsJdw86CelsMpeyFGylEvdJZM:AXqjFIjICdbCPX7XYuvCe6ljvdKL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\29b97ec54e7ff01035f42c8cc6653f85.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    d80c0012d6d869bbc5b2729096de40c6

    SHA1

    9a6a4230c164ee03db5e1279563ebb0acd3ac5eb

    SHA256

    f42d148b01ce2fc59a6b8ef8effce31987d9893790eadbad75ff9a7bc2c1e9b5

    SHA512

    d880c47277330c9afbbc1b9b6d717653732b8527dfa7b3e61d1d9d8baaf1bd5522e98ec32c6c8ad8d2c7faf1b3c731b2c82b6fd8704de9f0538575f0f56cc61a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cafb3d5643700704bbdfb02be8ffa9b

    SHA1

    930bd44327d2e57fe4388141c69e747f3f1daa2b

    SHA256

    4ecd9bb03832762fa1753789f92df8e4c1656445cf6179d777f7faeba5ca8c2a

    SHA512

    80ae0882011c5a7af49d9eabd63502ee29cc5f5df0fb139bdb018f957a42f70484f2988e662c6c102b76209f298a33cbe68a6629c9787d17da8df090faf61eab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f18057707d8344b8327e14d4c833a076

    SHA1

    08b7491ed8b9cb95ce73c5ad45f27ab8d4aaa3e7

    SHA256

    6ff687beccf8ca17a40ed0241b3a5e152a0e9b708950fe2a5faed56b79c985b5

    SHA512

    2fd4a56d128e6d2dae98e4b173bea7942f968f7ce8307adb2d5250b8d09ce218bc7bc5c0f9a13eba23befa6b44d69bbd91ceeeac549fc3765a36948eea6a81f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72f9de519ec1b3ed1c07fcdff17f7ed0

    SHA1

    8724713f7ea21fc0bce14dd34532a233f84554e6

    SHA256

    971527f3a9dedf59511876a9d52c5db8f16180f394591fc534ad76e26bdc41c3

    SHA512

    208a06907e855925a75e2ddb3a2c63abb787453a567dd334c4f56ed19af9f99c5a2c0b8bc422df2ece67213921eb13689aa84de10e188fb18a2b9dfe2dae90fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2852e926da5dd4b62775698561b4e8b

    SHA1

    8463c1f13436709e5d4d9254c65c60e486078d2a

    SHA256

    fc64d1f7816f3dbe3ced9f1118ca12480389fe144cce63f6d914b1827f214f8d

    SHA512

    fc721b6fc952b6b5563755e9c277969f72d3d4c7a032b1035eeb78c9150950095491d5464cff0329364314f53905c7244845b590703a3bc6d24f3b62823dc1d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49760aa46f8b45940209a4b51d793e6f

    SHA1

    6936ff8d85748f9e565bb0dac2642fb6ef0b2aaa

    SHA256

    1b29f68996df7eaebbacb973f923ab5f770ae6b27f5d56e452b70ca3f4205a79

    SHA512

    7792d6e0341540ce6638fbfaa063ade340352f6897376cddf37079af227e01ad397b8522e5a7f366a5506c09ccb329967cae6845228bed7574372061a3214b3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b1e04e34c5b2427e3fa85da764f107c

    SHA1

    a3ef890ebf64da56f0994b4787580aca4a1dc574

    SHA256

    ddeaef7bb49cdb0a4efa5ecb193cf69466e532ecab0a567ba5fc1169ebff53e8

    SHA512

    d60f681424850c10be593c13d848e0f4c37d166a77c05f9dd58f4b5771aa51527d949ec03b657e1eb5443ad2fac5df596ef4d299b4c799dbccb4ddf3326b250c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c7dc6f2dab67823506ace7c108655c0

    SHA1

    57ac38cb902dd08c769e2561356704e04291ac69

    SHA256

    ab3eecbe9bf6463acc61e640b0c6f379034dcdb30215eab72f73f06dbc10aa78

    SHA512

    fd86c2df99cb681aa803f57fcdcafc00dfafdc8df5db396891b022ebcce17f4413272c43b9c91c0e0d38a27666ec9f78aeb4713b8c30e5ffcbd259d826efddb4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\cb=gapi[2].js
    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W79VKSP8\platform_gapi.iframes.style.common[1].js
    Filesize

    56KB

    MD5

    f6140cf2e81a9d5b9bc96970fe1946f6

    SHA1

    e18cb20a08d0c13d44b72e36e9560aec2187abce

    SHA256

    68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5

    SHA512

    1f61bf7228ae9fc1b36249223f4ca0675da05beaa6c00b28b7fff500e0527ee237d139eaf6793ece67f8730dfff0207bf945a848795aab7c57301433449a8acb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB5AB.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBACC.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit