Overview

overview

1

Static

static

1

494c091619...c.html

windows7-x64

1

494c091619...c.html

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 01:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    494c091619e4af59971d31bfbdeb95bc.html

  • Size

    159KB

  • MD5

    494c091619e4af59971d31bfbdeb95bc

  • SHA1

    5ee6a7012fc54cfeab71dc6b6ba07d4fbd1e0e44

  • SHA256

    430f27d88b545b477c7499d26c39780d5de13aa604698a031f4165399279c279

  • SHA512

    5037058400f3e9f67873084cbb90124baae7439f6d1c7747891d47463bda16b4ebd5eefe988581153f23a5393cd7a009db8dfcfe4e01be13dda36051bd893e87

  • SSDEEP

    3072:XFuSF3V2UP13G4k5QhLpOatVeP5i2D/fNbYaaLStRTcxWUu/v66sbsGon4G59t9j:1f53G4k5QhL8atVijfNbYaaLStRgxWUi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\494c091619e4af59971d31bfbdeb95bc.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1212

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    4427305210cc57bdca1710add3dc08d6

    SHA1

    64e9525f7d2b88d3ea433792a12595c68f081b11

    SHA256

    982c59857489523587650d804d50498feeeeef4cc30d595fc16924d41db17b1d

    SHA512

    916659e548917a018fb9c4d8c8d6e9acdab7d107d506e50d00ecc0f2bdd6668a76a1a033ac90ce8c44a45edc4e0166b2ce8a2e79a664de9961de14729f104ef3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    9a037614ea9fec0ea3a3f02c4754b096

    SHA1

    bdb4b7d0fc03466624a2f2cf105037dcf92502fd

    SHA256

    07b6d75ba49b0d9ad3c73f002cf21ba7937c47750025cfa39079c9288389d99f

    SHA512

    8fccd873361a7214ba91a188236fb4bc27b8f20c96c7fe15110bbe24cd3d2cdab19e6815dd375064f6c69d3de5009f282b67c41d67283ce2f4f0f53892f6f7ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5034fa785bb6b3dcb8c2d5c3172451f8

    SHA1

    915cf13ff14982c0939bbe107954f67a7b286138

    SHA256

    7dccbcb70ebf9643a7089cbdef63f58a150480d0328dc6796f1689005c374143

    SHA512

    944b776a87f05133714fa12eb2ff8cd606acd5896a4d9bd77d96baceb641a76118e5c6092985535a9ef46f4ae522c28179e6dde6f48d427ac794709b3e21e5b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9474e445ae3039759ebbc01da7a4d104

    SHA1

    b872236664a03da9cd5b5ce8a5a7b2d6d06ba6ed

    SHA256

    27a447f9ca0816b5189ea2748c012df39d52a0df7a142fbe760d6b455c64a7ad

    SHA512

    04cd2aebb9d082f302e48f756c4272a8cda891ead36f9d70a82e7fa1bcfab544e360337d8817360fc9ed04a8d7f0c23b89c9b5c8cd5f03c8bdd414aa6e1ebf55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cbd2738e6a6e500ac45e443f2fcb3e4

    SHA1

    c551b1cb53a285774784e3195fbae9b18b33576b

    SHA256

    52347f8a386a27624e94a9d8a1f2218742803f91e73808655ad820f128557625

    SHA512

    11baa658cee15ec3802f2029d8d933e72dfcb53fe0365d40f7e780f82a9bfe66ce73d0120caeb3e5576fab5fad62ae1bc55291d697b334040aa278a64235cd8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ce22091b2e626f4374eac0a117ef1ff

    SHA1

    4ef4dfb7fefca25f0db037b2d10512ab1a3edf64

    SHA256

    0a3daf72d184c30ee64686f065b5c39808f317e6c9a06e0e00f7baa92dccc51b

    SHA512

    7a20361f68d8f8384b14d15e7259ab3bb9b81a62eb349b5be91dbbd5e1df590230745b919e118e963f7144e44c67bc9661b415d24fb6aec4060b8ca22c3a5818

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    580dc15a2810cfa1f838066ff6d5a9f0

    SHA1

    64354d8639e12949231c26d217b37db9456812a1

    SHA256

    998a10888ee1b57cbad496c0f7fb15b7856c6f9727bb5e91646f76c009a41d2a

    SHA512

    67bdc317227e48d652037a9afa4a15104a00bf09c77041cb172264330c58fde825f5a3cd9e468f7efeaec11711c8be759544a320ff5deb9c31c0c48428c952de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    405d77a11b6382fee3f5e4e6849da260

    SHA1

    7c17a4f373cdebdaa7f3cdf7c6cd65548a954604

    SHA256

    4b7da76df5783de45f89945dde1de3370e996ad841ec96f284f76aa7074b9c93

    SHA512

    5eeca9cd91c0757fc51edb72ed0fd501621d80ab9481f6a7fcbd00ab1dd112f2970a5365cb5da7587ffaefcfcc4132afde8ef0ec7d58470a720870e0750b6996

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dabda30946485df09364df342f37d670

    SHA1

    2653dfaab3b8e8f8eb4e8fdb6148a655dde5c652

    SHA256

    21dbea9a0badab6bfdd258b47c956084beeba057bad7624e105f5c022f2590a1

    SHA512

    21dd47fba127b1b209a0a148310a8443dc0123681914e25e51f2a0388800f611a1a0204f7e9965be893a4d005cb70e3118b462f04c8f1aa02f6d8b4a3ac27d65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92eb00d33b49712ca8d4fd931fb4883a

    SHA1

    48e6fb2930a190d9929ce8592399e0d169d48151

    SHA256

    9ed3b862200ee2ceb22a3978914dd78a5179859d1696fc9ca45d1bd1e29f6431

    SHA512

    75e6f091ad926ea70c4ab3a44ee1804eeba2c3152cee22fa091607c72674288fb904a1d5017ff4f3e6adcece983d6581ededf52b4dd634ff57fad469be424350

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34a5b43a58b5740eb0adfcd85933b7f1

    SHA1

    00712e8c0a192bf0cb771f949e59d1bc7ff493d6

    SHA256

    fea9dbce0fdfde9be70212bc8b37f1624a73110f35704cc6c4c08fb6b7efc565

    SHA512

    f623a315cdf1a68092e4096744f0e8531cb7c39b6e791dc2504f5d843cd35a3eb2a501789266d3bfa813ab0f8367545149518eabc89967891abde01b31256006

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa2597bb238bd06bfd7386b735bb4b73

    SHA1

    f4b87399619adf4cd6e97a7d774302eb9927cd2d

    SHA256

    a20f19c4797d45f85283a7b8f5a8b309dad63f149fe28ca0a217328ffcc25222

    SHA512

    7a43531df82b20141189fb9f909e3ba777dcab3f58b4662544087984343a148e1b66583d553165817b49d29045503dc29ee94f8d879715b718c4c55040cd4a68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c167315bedf152e1a1d53c918ea7f6d

    SHA1

    79e1b634b89996aa51afc6963247f34455af4361

    SHA256

    a7d63fac2456b3b42a380ac696d0b526594a454a3531dbb288158472972ac20f

    SHA512

    646510f1b6f1f4a1db619f0939959cbb983aa6d3669253831f75d9a923ab214616ed5bd489973465487889471d6ae7952936c7dce33f023044ff0882d7a4efcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    449b16ac4e6dbdf3c7094e559bbfd484

    SHA1

    c70a63ae1ce6d20490af091010f9169f6b9cdb81

    SHA256

    2cc283ce131d47984dd4d335ad6225e30099c17dd8de0a4a0c10a79b1cb52aac

    SHA512

    c3d547f1c37198abda99a41d9ae08b81090d6e5661b3af5cb29765934d1b7bf3811459c225c6d028e16200b3e771efb2dadcbbbcff96f08b7d802186a4d7cc72

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\rpc_shindig_random[1].js
    Filesize

    17KB

    MD5

    f019fdda31635d2a31b151ad8ad56c7a

    SHA1

    6adcbec55f66ffaef83d9a134423aa98eb2a2189

    SHA256

    c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

    SHA512

    fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\478691279-postmessagerelay[1].js
    Filesize

    12KB

    MD5

    92169c8a0fbf6e404267d0705cdbdf42

    SHA1

    a5cd88b74ca5ced239cdbfb458fe25540d671f46

    SHA256

    dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

    SHA512

    8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\cb=gapi[3].js
    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\plusone[1].js
    Filesize

    56KB

    MD5

    1944af3661da46249991197817b6cd8b

    SHA1

    f952df40ec79fafc7c798f37aff92878977376ed

    SHA256

    63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

    SHA512

    0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\BAMXMAGA.js
    Filesize

    157B

    MD5

    67e216a27dda24bdcb086c2385b0cb99

    SHA1

    17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

    SHA256

    9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

    SHA512

    802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEEB5.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEEB6.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit