Overview

overview

1

Static

static

1

sample.html

windows7-x64

1

sample.html

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2023 16:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.html

  • Size

    18KB

  • MD5

    88be8b4903d9003cc96e52b60da20208

  • SHA1

    af08890a1625aee711d801e5d41699d86dc15dbd

  • SHA256

    9e422f65e82965f6d708198c73d90a7e97e61440603c4c4f7df05b8e6c7db0c2

  • SHA512

    8ada4c895cda04821762f6978a1c33b4fa26a3d634b0e69423846957b04ab8ae41bbeec8be0e1997ef8c58cdb075d621a613e4cad89d6e5f62f4927b810b4801

  • SSDEEP

    384:SInFpv1Zw4C8GgXzGc/1RFGvMotdvu3hl:SO9jw4CTM+dvahl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2912 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad2869ffe182c2a0c17489cf3c925d45

    SHA1

    80860a35a36feecaba093e3f22d9168421ae9249

    SHA256

    85e89404656e12362f5d553e351690cc21111793627efe8350c59c272e04ff7a

    SHA512

    44e94482623e6720929e046788d1a9b3990ae5f1c3622c31f8ef0f593a5cd7f7ccf2cc823c6f408ed97d804f773f7c788f5a54c443ae7aa89e143225468484b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac7f7f5d0eea489b12246460ede1d5f4

    SHA1

    cf11372d3f5edebd4a9a696692173ae7781da432

    SHA256

    37c7641546ce22467ebb759274e9abe49a158cbec7dc966ea191dd3cbbf51871

    SHA512

    1eb90ee61283a3b89e986fe0f39a89198a8010743f5713988382caecd820d389f2226c359310479015fc3300d9baa33a1aa14cba57c8d53fe15560f358818b40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ae3521555d5819dda010978d27fb0b8

    SHA1

    c5ee140f9e83f764d1c4efce66cc6ff85a77ed66

    SHA256

    8ad148c6111193fa1ed7a1df138cd15672623b60015d842b35a1cd7e8b0f70dc

    SHA512

    c29dd772e35050f4a718d759c468827e1b8bdcc0d786bf9834bb585627279dba4b5797acc4567fdfe4d3e91d14bb0f3218d37dc7baffbbccc7104dd302155366

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    093dad5beaeaaef8613cd1552d4ac273

    SHA1

    cf3648a91c0d08648053d58122ed3a8516e86b88

    SHA256

    84024a35724bd5ac11b29bb7ce5b787861b9228b7e012cf67fd383ff968e31bf

    SHA512

    064776d105bb5eac949c7367a189b73690db6b1a2fbc6162f3bdb69c55346063929ab21fe8e2bbe22c780f88028fb4ee44877210ab009f412cf8995b4c616056

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJYZ6B5\Japanese-Anal[1].htm
    Filesize

    5B

    MD5

    fda44910deb1a460be4ac5d56d61d837

    SHA1

    f6d0c643351580307b2eaa6a7560e76965496bc7

    SHA256

    933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

    SHA512

    57dda9aa7c29f960cd7948a4e4567844d3289fa729e9e388e7f4edcbdf16bf6a94536598b4f9ff8942849f1f96bd3c00bc24a75e748a36fbf2a145f63bf904c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFTKP12M\Z97NWFGL.htm
    Filesize

    95KB

    MD5

    e3d8b295b31e5c99a936baaa6a9986f1

    SHA1

    54069c468bd6820c200a0bdcf489e057da34a7b9

    SHA256

    7a79bd28112e0601bb92a3972b872534dc53db17d1047fd91ca3ab7c1eeefde8

    SHA512

    ccb2d4c63c614545191d4e9e3be99522a869253bed522d517058781954dc92d9dfc8201890f0465092911a5fdd0ac1a09aa197c7426e0a6ab968fdd92a0634b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEA3.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEB5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit