Overview

overview

1

Static

static

1

6ed21ab790...c.html

windows7-x64

1

6ed21ab790...c.html

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 12:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6ed21ab790de37a987d44a29ffd80a2c.html

  • Size

    27KB

  • MD5

    6ed21ab790de37a987d44a29ffd80a2c

  • SHA1

    ae6f8af79b989f93a4af2a059af5037f346c43a7

  • SHA256

    dd5fefcff791d895e7af4d38ebf94907165e95c392f75603a8db973e9cafbcf5

  • SHA512

    e005271ad3c12ba1089e8aea20468c0f0237dad6583eeb4c6a3a2894b5e4cbbd48b81ce5dfd6daea93a1e818379622e5401b30788b732b452d4b5e0dbccc16f6

  • SSDEEP

    384:4+QfPFd9QZBC7mOdMgK9KfpC5IgSnbmFe7AcIh6nKngAyPd:Zcd9QZBC7mOdMgNpC5I9nC4NdPd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6ed21ab790de37a987d44a29ffd80a2c.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe94d138319c694a8b43323235cdfe29

    SHA1

    a5492d604945e3865696645a3bec3087f38db6fd

    SHA256

    a86a614f76ed6f41034727064373d9a66dad351dca6259fb5cc3b1139e3a79ee

    SHA512

    5c72294e0a2e3385762e27c52d8e5147b17390d3b5eadf9b863943eefc2e23a9b70d57493798dee1af343fde6398cb1b117bb126ce44819b72299aba36dba209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    859143b2dc4d0f2ab1b106aa183f8ffd

    SHA1

    74fc2f4ad535802bcf4f886697dd4bf14884252a

    SHA256

    32f18fc4e13696f5dc69a20a2f89eb0c26572c299567819f744c10978b6c0f13

    SHA512

    5aff95be99cb4f2d243e027bea8a0defa9e48ee7cbbfb6d5f9e5a0bd71b5ad1ea669eaeabd850373d0e8010c452df8d7e6a4444a7a0adf391f222f5ccf52c77a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df8b4312dcd5b5dbbbeff5c26c2f4da9

    SHA1

    6002ca78321023d13c457c119501170f2801a2f5

    SHA256

    92e825f537a25e0e16fda2f6135d81960265ee42cfa60967e8e0686f3969187e

    SHA512

    f1bc38c20e9965c1195df016ed838dc52f94804790346214b490fe80cb85506d2a605267eb96c5743a7f75eb8645a7255f32ef217d2fda02a44de725f4ea54f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34d19ec784a0591df3d0f5d22ccf486d

    SHA1

    4c7c122a2efbdd54cc724f7de75cdb81617ef49f

    SHA256

    bc1fa0ad6cc950419224102ad20e230be95d0ee07037ddf1380d3f52e5b043bf

    SHA512

    02f671eff57cb6eb450c8d6521037658dfdf926ccfa49ca1bc527e0a57f96cf90b2ae686d6e0831735346de4f0bd902aa928c96a63ec36836fd745b78b83dcfb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD01C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD1F5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit