Overview

overview

1

Static

static

1

69df3845e1...8.html

windows7-x64

1

69df3845e1...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 11:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    69df3845e1c15f5f8ff75717ebe60018.html

  • Size

    231KB

  • MD5

    69df3845e1c15f5f8ff75717ebe60018

  • SHA1

    1b0829b9edf3a5d86cde9c427605dd34c19b8186

  • SHA256

    826a185e3db6f259d5fb6e0b52c9182946b8a3c945859d5d7f35d3d0eb66e204

  • SHA512

    d4eff567647c3309d6c89e0d66b9a193c3fcacd87c34f1124726c459c8f4aa068678a9fb2d9742035c956ea51dc1da07378ec4df96607a2153c9a3f585289bb2

  • SSDEEP

    6144:E/a3G4k5QhL8atVWArfNbYaaLStRyhbW6Snj1Cdf30c+JYxWUu/v66sbsGon4G5O:93G4k5QhL8atjbYaaLStAhbW6Snj1Cdh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\69df3845e1c15f5f8ff75717ebe60018.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_1AE11409F57BC5D68541053A9AA94231
          Filesize

          471B

          MD5

          67b86e635c2feec9dd145a3a98d3aaf6

          SHA1

          8ba117bb2273df8e96099ae7e0ce181aae027ac9

          SHA256

          5af11ba1b706a17182ea2ce45dca4ced558478186000cd558d0c9e1f74d1f35b

          SHA512

          d781a76a504113058ec9277160b6326f266410f9f131bd0d5e2a4c78a30b9915f43c8cd35a6df044d53bb42f3d0699d4a94cc8e5f9968fc3ae9871270b071cb9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          360cbcd43ce1c5e179fdbe92f5953815

          SHA1

          08f626beceb88cdb53f5d78a1ba81455c3034086

          SHA256

          2d5972ed2bf150d764080a06d5993a6b0e87714fb9f63da54a48c6e83e67d5b8

          SHA512

          59a4c618b0cc4af1104cd71bab7c930e9b830a7c182f1aabfa0813738b83bf65a6e3f2405d286c6aed04a37e57943bc721b4c54f0b7e2584e869b312938e2955

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          41c7d4453e72bf96b6485796c27966cf

          SHA1

          95290bcb2496b087e9e0fe95b738f49ae6d8b12b

          SHA256

          199101c6f4158558d80f8ca1b26f57ae86486d9d2bbe51428e2dc08a59da7193

          SHA512

          bad2171cdb6a6e12c47a720164f536d100b4ff2083e2fb76c26f78e3d404bdb055c5ef7aa32a56de91b64111352418c2daa4e235c9a6d9143bfa07fa8c3c1c5c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e41ebdcfd81a15b9a4f19fcf16981481

          SHA1

          a334b33a6a2cd3a5e1161ad1d03e535cd7616b24

          SHA256

          f49b4a64ea698a89d923a66249727df7b93b99c15937339ebd3a5a6b65ef5def

          SHA512

          8dd5ec776e48b2ebc93b58ff6b09ca76a6eb09f4ab6841a9cb48b3e3065e62542bd022bc4ee5ad9ada2f74e16e39ea27f4037e706890db0a71637d7e6ad22618

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0e93c60fb53f0474161f9c04c0d63ae1

          SHA1

          d9ef0cfa465bc3cdc913f52c5637cf9458e291a6

          SHA256

          8bd613ec37348c8efa22d4f807d38dd5018af24f24bdc7d7227aea73ee9e34bf

          SHA512

          157bd60d165d0556f1a2258384d871d225f0ab34fe9d1a0802aac783be160034c2f4cb99cca6b30d2316264786ae29ed620182801492934bc036538f4b72f992

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          83343d7c8b998f50e6cd8fa8a12abaa3

          SHA1

          58bf640e47b9cbb61d3e8deca1193f0d9c003a8b

          SHA256

          7717baadc353df789a3711913337b82b5329068bb0dcd8a3533a7ee92707f1ba

          SHA512

          7d6e9343bb7f0e5214c613d5b40cf19ed418514167e506d8ef51fe84ef7818b11bbd499bd5e0af1a69a1a00d054ce08bb7c3027147342959b87da11121d7a85d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e25ebf603676c9448187db024f7a3e2b

          SHA1

          5641803de4d1d47a314b94766ebf6cd26a00aa47

          SHA256

          c2f9228fc8e8892b48e22c548028b284a174b78c2abfd0c2b54abe805e69df6e

          SHA512

          78a3d0f65ad3c84c7cfb7581e2a1dedd786cce143d05fdc41265076778fa8cd1f498a65bc43cf04bdbd409a67bd271e651b7455dcacadbb98ab698aca2b41c30

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A89I98IL\cb=gapi[1].js
          Filesize

          133KB

          MD5

          288c5ba5b7001fe841c32f690f62cc93

          SHA1

          29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

          SHA256

          c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

          SHA512

          e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A89I98IL\plusone[1].js
          Filesize

          56KB

          MD5

          1944af3661da46249991197817b6cd8b

          SHA1

          f952df40ec79fafc7c798f37aff92878977376ed

          SHA256

          63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

          SHA512

          0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1J1BPYJ\478691279-postmessagerelay[1].js
          Filesize

          12KB

          MD5

          92169c8a0fbf6e404267d0705cdbdf42

          SHA1

          a5cd88b74ca5ced239cdbfb458fe25540d671f46

          SHA256

          dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

          SHA512

          8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1J1BPYJ\M1NV9FZH.js
          Filesize

          157B

          MD5

          67e216a27dda24bdcb086c2385b0cb99

          SHA1

          17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

          SHA256

          9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

          SHA512

          802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1J1BPYJ\rpc_shindig_random[1].js
          Filesize

          17KB

          MD5

          f019fdda31635d2a31b151ad8ad56c7a

          SHA1

          6adcbec55f66ffaef83d9a134423aa98eb2a2189

          SHA256

          c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

          SHA512

          fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabCBD8.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD212.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit