Analysis

  • max time kernel
    121s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-12-2023 23:59

General

  • Target
    20dcbdc74ab7457bdb0cfb8f596f84b8.html
  • Size
    1KB
  • MD5
    20dcbdc74ab7457bdb0cfb8f596f84b8
  • SHA1
    4e1b8fd34dc40ab95f3698a1ce19d91d40b8cdf6
  • SHA256
    0b30dd52b5a074b77c36b343f5ddd9517d0dd6f501d6a8b32ff38a479a0add00
  • SHA512
    649be2a8bd69cda666a209a5e50462960355c33d13ab7b168641c133f6337b7cd975ba16df7ed888eb3e1258cfc68789d1aead34d320f76e2d2cdb166f0ad2d7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\20dcbdc74ab7457bdb0cfb8f596f84b8.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1428

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    993664f2f75f4cecdb8df87ca88ed806
    SHA1
    c9d7d2e41644fda746e82fb9f5b4469b55d69489
    SHA256
    35d3152d2c30989194e84e5b615d27a0feee36c9d66d30ad895a09316cbff114
    SHA512
    6cf194f2a297505755ad1efa2c1fcc45c4c007a46d451039bd766ba705dba6efb1778452babf0b3f8381fdf279d22ce4d05d373653e92e17b85bbc6054d14ce7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    344B
    MD5
    cefde81263e5f6285e3ecafa060770aa
    SHA1
    6d5b226c035ada86067933976389f889f1d261f1
    SHA256
    864b941e18d3220c6b96e003f0e9ab79ff3c75875654202a00d8674aab588416
    SHA512
    9995b2b86a3304c9a808031b43f2cb1c61e60f713f292f4e503a2b5bf647f64d394b0624056df3d9a85a2999434cd06c3b66e24799244ea9a92c4912b4e66332

  • C:\Users\Admin\AppData\Local\Temp\Cab8C77.tmp
    Filesize
    65KB
    MD5
    ac05d27423a85adc1622c714f2cb6184
    SHA1
    b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512
    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar9523.tmp
    Filesize
    171KB
    MD5
    9c0c641c06238516f27941aa1166d427
    SHA1
    64cd549fb8cf014fcd9312aa7a5b023847b6c977
    SHA256
    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
    SHA512
    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06