Overview

overview

1

Static

static

1

201b6095fe...8.html

windows7-x64

1

201b6095fe...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 23:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    201b6095fe80d35f622e5bac3ffd2078.html

  • Size

    147KB

  • MD5

    201b6095fe80d35f622e5bac3ffd2078

  • SHA1

    5d0350d47bd50f33ca83740846c7cf3512a596a0

  • SHA256

    4736384dd069ccf3f857f27048d054dd4f66539f08f8ee60f74e7f09cdf468a9

  • SHA512

    72a9d6288c4eeccab7e52de6a20b29a25f1c9468364f83b5c5ef2e4848e0464b8ebeee0511121535a517a4e14fd5a7f95fac9917945aba64f889b66f54b52902

  • SSDEEP

    3072:3dosgjUab9glRxglZPszj6w4nwEYBIf+0eLOnkYc4HsqWd7M:2nUazbkHnAHYBI4qkm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\201b6095fe80d35f622e5bac3ffd2078.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1204 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2376

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    1d0c58b9598f329620fc4e72e12234fa

    SHA1

    99cf995def589abf01fe2829a03eda1f11985db0

    SHA256

    a20efe64a2e8b208ec375a8a674e2bd5cbf16c775a80bdf5cbeb13490974a399

    SHA512

    b0f19bb4ab81384c38ce8740024fd29a4d921809d6cfde54424176d6df035300ce6fb3434727b5244dae20dc78999546d7d5d194ddc9334947f7746f2f4930bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a80c55daa7215eba52b16b3b122efcac

    SHA1

    ce725f9b02b44e6c77376684f706ce365721df93

    SHA256

    27eada0fb5c633a1dc1e22fea49f05b301d506c43bd7e52c68c282db25336a1f

    SHA512

    9739a55e3595b03c5a0554528b6afa7da26c376280dda8cd6886f29b6ad52e92aa9de89a01de258b4d0298ec5f86e1bb49f9a39e0558797e0a67b4bd2ac11549

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01e5ecb36cc80b8c89f8694218bc802a

    SHA1

    706ee5bba75401d34294fd897c4ef5f7e012318f

    SHA256

    f4aead68ad7cb945bbf2da652e05fab220b5c63b1c4feae99a5324e061c1e450

    SHA512

    e905003990c27feaa9d255dbe2f81b3504316db0c9ac875dfeb10bb0bc26bd8866a12b4dbabffe62c471f9e8fc8f57b257db66262c80b25861d03835e8afe686

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27a27fcdea3c54bd038bb873c078ac0c

    SHA1

    5531ff9559ccf3a0fdeca6446797d45fe7808892

    SHA256

    d67dd376d458b5ae8484eae860b8a70bbadbe7df1748ab129a972eb3b36f2cb3

    SHA512

    c39752ef0e172c4146a18a833bfb2897cd0c82a60eaacb2b7e2328be23df6800d72df3e04a8896d219cd6802a25f799663a038250c5079f8e463eec75b107a24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    588c97affe455cfc7680c38500efacb9

    SHA1

    21f244478616a69f043a8e6c7e92203927461dca

    SHA256

    057860a43fd540a8088faaa6eae7acc6ef419f3a4cbf826292951e39e5af5e06

    SHA512

    af29be21558c2f8949061d2e3ebe82c3bd0dd019a325d240621a89b04e0a843527338db4931bd341ea970ea9b8aa96acc1f28ecff362e526ae65c9a8aed25f0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c7265e99e13a4df1892ae5601ca0fc7

    SHA1

    cf87f923067c57b19ae53fa550d1ee26246be6a7

    SHA256

    c87ba972557435facbbdedf437fac3bb6e243b9b60bf242d1c9944fed376b200

    SHA512

    4a6f73338c321c2a83bb376a5ae49d442e04497574bb05bdcd569fb50d802bdbb08a6fe3cccd798f4cef20df50b3faad9be5c73819d2e454396b338c386d909a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d809e2fde2825837c50dae916f6d513

    SHA1

    0d101af10ce258a5c82dae3d67335bf601ffb82f

    SHA256

    8ecfcbb7a457588308d10f3fda14d8cd05ea9733c21aa52aa4292f8e29fab6d3

    SHA512

    9eed268f1d8ec1d24413facc99785e676ee3d8cb4b1c5067b798cfb8006e228a434e806bad4819e610149c44a83577836277e292de7762bafc8d654d720d035a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3070d358aaba3cbdca00407896dc8ca4

    SHA1

    091e49c4b341e02230c2a6579f07c767eb06d5d7

    SHA256

    d173833420875cc6ae270bdcc83c040952fd031dab1e52b174551d5b09f7e284

    SHA512

    6ca51469c44659c42f2df15e7c365f0010fed966654a170a1257acac08643ade9f5e1c770c57e90f86a46c1ed906ccad9b29dbd959d69acca2d75ff460e0c76c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    42e6f6f645ee2658db52f195a2c34979

    SHA1

    93d739634c9bcef811248a36e6737024129af69b

    SHA256

    d3572ab269b72d56ffc724cad473a57429e61323d87129ae212f755e0843e2ee

    SHA512

    3d331b37ee2ef268420b39cb3cb37b43c888f6b911240e7453a88ce8eab9aa20d25709a8c6b41bd08120901e49962940aa80c88c8dad75f7cddfb259c4c2b00a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2a0db0354df6340b4c51791718f0d72

    SHA1

    5be2eb745a5b5856ce603cfc620d75a9fba679cc

    SHA256

    0d46dbba97b696a05ce9ffdab58761b19b407f8c91afd28213f0b0166cd5b9bd

    SHA512

    aaacb50b4205d3d76977f88686a42c810ad1cfb52fdbff090d435cf2316705eefee8b0cc2723d9474cf0c379a5dcaf30f7738a792fb2186511222c287ffd1a0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aae97abc679fcfe1e247f46ee45d5eb3

    SHA1

    ee18275a0c2d91873f94e36e7093acc2a76631fc

    SHA256

    f4fe32b2ceccbed5b01f7859296d08a24d45bf52165010c23736ae3df6ac5a46

    SHA512

    af2ab33c4f942dc21c8ce227e26a236d0cc133ab46b4357717d13e2df5bab9e140bf62c04dfa967ea56ef3fff759edb275da9dddebdfff1e78683fe1c631c948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    516261aeb962061b3c8b1a506eb87da1

    SHA1

    2ad4c306926a38dc4af653819ada637dc2cec3f8

    SHA256

    1864abe48ee191cc7ee3809b197c7db4a0d3badbff7e41c0c8511e4b9c955d3e

    SHA512

    ce6353321d0a7bc5c28a2e5f915662ac31bb45da953c886559c92315789901e3b3503e8e7aa078a7bd85a14ed3a187bc61f03b447a03be306aa023d9a4841d66

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\cb=gapi[1].js
    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\plusone[2].js
    Filesize

    56KB

    MD5

    1944af3661da46249991197817b6cd8b

    SHA1

    f952df40ec79fafc7c798f37aff92878977376ed

    SHA256

    63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

    SHA512

    0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab62C8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB428.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit