Analysis

  • max time kernel
    39s
  • max time network
    169s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-12-2023 15:50

General

  • Target

    sample.html

  • Size

    22KB

  • MD5

    38cd66f4e5ac120154750b0f312104f2

  • SHA1

    9428a7ddb5ce2ac230de215bd47cb225335b3982

  • SHA256

    825f146d5c7ce7d8cf19668ceb1a0bceac93c4e9caff456f2d038cd25187df6d

  • SHA512

    c011f49c3b0eade5ea0c6f6532dcd03c9ffc3426d4f80557b17003f3be118feb003f80e3e7a486c571b710ae83e7b1e77d29f4636842896d910883c693d7c990

  • SSDEEP

    384:r3SFpvsihJclKCnm0BPeYs67sDNGWYGRQe/1RFjvMotdvu3hl:r3o9holrnm0BPeYs67sDJQCM+dvahl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2764
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2844
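The two-process tree above is the normal shape of Internet Explorer's loosely-coupled IE model: the frame process (PID 2764) opens sample.html and spawns a content (tab) process whose command line carries SCODEF:<frame pid> and a CREDAT value. The check below, added here as an example and not part of the sandbox's own report or tooling, rebuilds that tree from the report's lines (constructed as a small list of dicts, a hypothetical format) and flags any process that presents itself as an IE tab but whose SCODEF value does not match its actual parent PID, or whose parent or own image is not iexplore.exe. A mismatch there is what a practitioner would want to see before treating a tab-like child as benign.

```python
import re
from dataclasses import dataclass

# Constructed from the process tree in this report. The dict layout
# (pid / ppid / cmdline) is an assumption for the example, not the
# sandbox's export format.
PROCESSES = [
    {"pid": 2764, "ppid": None,
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html'},
    {"pid": 2844, "ppid": 2764,
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2'},
]

# SCODEF:<pid> is the frame-process PID an IE tab process is launched with.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
# Matches a quoted or unquoted image path ending in iexplore.exe (any case).
IE_IMAGE_RE = re.compile(r'^"?[^"]*?\\iexplore\.exe"?', re.IGNORECASE)


@dataclass
class Finding:
    pid: int
    reason: str


def check_ie_tree(processes):
    """Return a list of Findings for processes that look like IE tab
    processes but do not fit the frame/tab relationship."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        m = SCODEF_RE.search(p["cmdline"])
        if not m:
            continue  # no SCODEF token: not claiming to be an IE tab process
        scodef = int(m.group(1))
        if not IE_IMAGE_RE.match(p["cmdline"]):
            findings.append(Finding(p["pid"], "SCODEF present but image is not iexplore.exe"))
        parent = by_pid.get(p["ppid"])
        if parent is None or scodef != p["ppid"]:
            findings.append(Finding(p["pid"], f"SCODEF:{scodef} does not match parent pid {p['ppid']}"))
        elif not IE_IMAGE_RE.match(parent["cmdline"]):
            findings.append(Finding(p["pid"], f"parent {p['ppid']} is not an iexplore.exe frame process"))
    return findings


if __name__ == "__main__":
    for f in check_ie_tree(PROCESSES):
        print(f"PID {f.pid}: {f.reason}")
```

Run against the tree in this report the function returns no findings, which is consistent with the 1/10 score; the same function applied to a tree where the SCODEF value points at a PID other than the real parent, or where the parent is not iexplore.exe, returns one finding per broken relationship.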

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    13ed0508859e6ae41eb082856aa39a09

    SHA1

    d9cb94a83cf54375b51059e2afc397ddf064e201

    SHA256

    f30009c15e75864e5bbfb8cec2beff46cd3589ced3bfac6d117e6cee5c7770d6

    SHA512

    08d12ec2ba36da4f6c90bc68ea1552bd45a3612ada65757f5b7a84a756aa36d053023c5ec926090864ed708959473c7bff19eced3e08a8dc191c9add89402134

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1EBDLS6\RE8ZLWLZ.htm

    Filesize

    87KB

    MD5

    4e84c5747af180363709654c12d3b16c

    SHA1

    f7d395bd55933702f66c9a4ca19bf335462b1860

    SHA256

    f94b16c9835a06b20472d3173e0c077fb74e07aae564d1ef7264e6b41dea22a5

    SHA512

    318176962477277feeb054b05dbcfe024480db4502914c8cc3375ceb9e08f356fc31aac158ff03589721c98ff725297aa6a1cb73327f768c1ce89572841977cb