Overview

overview

1

Static

static

1

0b3d56d907...0.html

windows7-x64

1

0b3d56d907...0.html

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 02:12

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0b3d56d907aaa0d778bc1001e1458930.html

  • Size

    30KB

  • MD5

    0b3d56d907aaa0d778bc1001e1458930

  • SHA1

    1fdff3a4e90261ba4e24b046c014aa0a11e72e10

  • SHA256

    5e756cb34b32adf4b6c064bbcf307a52aa82111ffc99b962c63cb7df068f8229

  • SHA512

    a1fbdb140640e3a6ab0c520a8ffbf2043082a22c8e0f11533d1b6d6b2c06a83f94aec8744a3c229e0b8eac0f3da056f2358315e3f5904b034dda12ba752c33af

  • SSDEEP

    768:8EG5J6bgE9BxpS8bMUXqWKBjLJ9vsY0hBqiZXdn8F:5G5J6bgE9BxprbMyqWKB/J9vsxhBqiZK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0b3d56d907aaa0d778bc1001e1458930.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2292

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          43c96af0a3c538336bc04a4ca20af7c7

          SHA1

          921d9bd49510f6f41dce4d4b43068555e67f25e0

          SHA256

          a63c5e085fc508f2b4615b257a8c703e52299e72ec4adbf3694cadb5657d2623

          SHA512

          895d5e42637d92a2d92990f645ff13a39aeb1dbbbf8069fd5a71d7294d39b12b86a46124d4af7279a478a611d47884f449c444d2108635057174f04e4de57b63

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2ed5555757a23c856bbc276a744d97b5

          SHA1

          368f98416f7fc31040bb1e52aa4b81a4f2e5d6fd

          SHA256

          cfdff4519bba5434d35623a18338af698c0d52cc6446e5a0a9e9733beb04eed2

          SHA512

          45009f4c5ec88c73af505276f227167e293d69dd5874f6ce0841a45cbd45aed4eba5e479afee28dabfdc6dc3d09c487a90025c2c11b8db42ca5953a046d549bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          58a64515a6a74088ecb3ed4c4ccc4fba

          SHA1

          77978fe70c1e7c5dd9d9b0732d4f9e5d0c300b12

          SHA256

          459f378aeda7a6bb13a6ef8b184153fec5462fae1526c77b1e8ecd2068c7d059

          SHA512

          23dd1d5b70326bdf0679a9c185e562b695938b6ea0f945fc63fbfd4043e2823af72519283c0caffc90499263040e83aef86af9cbdfbdf724d1f597237ce8e548

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          48637bd1ec1cccb80505c5bd6ca53875

          SHA1

          2ec4b2db6ffcfe849b28dc63438679c014fb2267

          SHA256

          0280e9466041c89fb22f9b68a5121cbabf30f1e035bf0f2a290352584c916873

          SHA512

          d53acb24b30379fcd1e0edfcf7e78cf11d4e43a24ac16668926cc1da3561dc633ac924a4cfd1d57d40aa1802f752d956315b903ab8dd43defbcc86c0d0cbf468

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a7165371738acf371c3869106cb37874

          SHA1

          c5e614727fd1dce2bec940f43e96b7cd90768d80

          SHA256

          5e10192cee841e432f561a4a049c93cee1b6eb31e976c40d0a9ad8235b07ea7c

          SHA512

          1f11b93ccb8ad8eb6887017912a60b78b9f2ade0b71b419e94fc315e2f64af38fcf4d9a3dbd5aea52ee4b027a631210bfffa013b05955d48d1605a07fcc434d3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8b179922975c1022a5e76ad92719da29

          SHA1

          f9e1a6247c3dff10bb341ed2dd32b54edf88468c

          SHA256

          5d3ef703bf7c130f65d2b597e576fe3460e2c2a9c715f9fc789680ad739aafc9

          SHA512

          4b4cd1fe90e3fbc4da29447d8fd108e6141dfdfbbbc030ea44483ab1b71855394e772a62741356f200bb5b7a664b0eae1677f7033810f6795abe818d4867962d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5fca6604521c4dddbfa9abcf2f2fafad

          SHA1

          b7ddbb15e865d4988bcb052c917d0e895ff3278e

          SHA256

          b03d87d82ca265e2ad6d7a16af1d13e18904f0622972c5fe7e682b0f1412fc62

          SHA512

          68c68d8ef265545c90610159c58b9af6c6fb6f3a743fe4a2a39adc4410b31d7bbedaceebad8fd8096a29cd064501d4d74ecc8a7e9c97b0816cbadb84511b76eb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1d836e069c1d37fba950a4083ccf68ec

          SHA1

          0378972749d96846b56e206d5f83cb27a6277a30

          SHA256

          0dd6a2bf0c9317bff0d263f18f6ef9ef462b0021af87a7738924c180e3a755c7

          SHA512

          6b57a040b9ea278395fc35b50cc1ec69dc8901cc3542d45fdc2d724c7118d86620895479f3e12f471eda96da9eb7290135e7e9846991b21133dee541a93ac0f4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          98ea27ee86ec77b232dc68f2eb393fe1

          SHA1

          12f2921757b28fbbe75c95a2bde1161c4ad636ea

          SHA256

          0d9db2474116178bf7917162d31a5fb804bf9fd7f9c90c6931c2c02aa1764bde

          SHA512

          6e92910b37b378d9781f556d5d3f4be95fb192546f12238b53f3ef38ff28926f6cb2ec19a32dfe5d974c1166d5a501b6d968cd5a92b057714b7477d884b8b891

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a27d09b8e872271abdd287527ec05537

          SHA1

          04b0b585b0c076a3b2e1c360e2523274adf05dad

          SHA256

          40a2a97e7677fc4996c81fca27aac72676caa93465eb97fc653caae4238e9055

          SHA512

          6e83359aebe2a552694dff8a29a190d9315bbfcafeafe64d00751d1f91968c127925e717da7eb4f33c89e568b4a4b80dd52c3813ad29dd5b825df69a76dfc251

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f77e094c9c5f9426c4c7e403ca4bee51

          SHA1

          d9974e42bc81a960316a3ea9d4e90f47fb95928d

          SHA256

          73e1825485390fa87d6420fe44c61ca4d773f2794a6aca1f750c6c31252ffef6

          SHA512

          b9cece645cce0332db1ad5fd2784091a8a481e8942e34bf1055166fe08b12a543162a632fffd350fee3e0eb8241653b876f84333b91353f8d289b51e4b520401

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          92c92639d602c35fa34f08cc1884d4b8

          SHA1

          59464bcab970799075c12f790aab93dbe463db01

          SHA256

          87f70ee5cefc6a973ba4f39cc3fc27e1a12bd6a0bd3406348442faa5960476e9

          SHA512

          1d941d1bb252aec74396f4c4252adf6c383a0cb4645ece37e450187aa30d5ec69ee574ebec229046cae2bc5fed16cd2d01b7540fb4cb5a7d2572068a26476b55

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7f8df9794406ff7fdf9a057ec16044d2

          SHA1

          2270ae754993741187c794afa166462a5afe9584

          SHA256

          b761b16095da479c0ddf3540cdaa4d9595dfb341ce51283cc448c57e6a4c5b56

          SHA512

          319e0d0a7e32908d5b2865303f5503cddd976c6740c2e5a4c761fd42f3a79b1b72e2543d2f59912d8b57720bc465f5f247cfbe07e2a8d4c4f98540a0ff31e6e6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a21e42dda8b50f4df132ca83450f52c3

          SHA1

          91919512b0b2d1b204e7e60a901324d0af4929da

          SHA256

          f19d3f6a97e4b68dfca4fe819b7ab68be4291dca04a56e426cc1bc9a08269409

          SHA512

          ef98882b6133d5200addd96f71b8207c8cf3a61f2bad1cce8ee85bd70b18aa87ddc87432dd6c4f27cd132c637d41c58646423f143e6ad59052de3d7f5b79dc0d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          77b397e526ceaa0f6578addb7c91059e

          SHA1

          39322dc7338348dcf61512a9e8644a0ac901fde8

          SHA256

          2fc851e142baddc999866a7b1360937da39001c0b0597acef76826581e41afe1

          SHA512

          a8a0123431ffd01ca5135b2d3ecabba893f9ac0ccdbb6c4c456a3175668b954444575d5d1e36540246b8fe1ad0df7fae47fb44131370fce6f10a5bd5951da4c2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D0I6KXNQ\478691279-postmessagerelay[1].js
          Filesize

          12KB

          MD5

          92169c8a0fbf6e404267d0705cdbdf42

          SHA1

          a5cd88b74ca5ced239cdbfb458fe25540d671f46

          SHA256

          dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

          SHA512

          8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU3RPYUN\blank[1].htm
          Filesize

          167B

          MD5

          f5d40b7259645010f9a248858ad14178

          SHA1

          b3051d17a6ec8c9e166bf09a62b48261ab86957b

          SHA256

          7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

          SHA512

          1e82bc2d067f726670b3e6054d73e57868f6e7c50eb979696bf927daeef699f2d8f8de201e8252b86b0e9f86dc69e5037fc9fa08ef6c271b033f29d4f0f4c1aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU3RPYUN\rpc_shindig_random[1].js
          Filesize

          17KB

          MD5

          f019fdda31635d2a31b151ad8ad56c7a

          SHA1

          6adcbec55f66ffaef83d9a134423aa98eb2a2189

          SHA256

          c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

          SHA512

          fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\cb=gapi[1].js
          Filesize

          64KB

          MD5

          ee01651d160cfc55249d6011a3c45916

          SHA1

          79d6121df6575974ad21dafce33ec98e3f2f0a7f

          SHA256

          639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9

          SHA512

          8a39dfc1ff2c58ac106225976aafdaf7befc0a28903a0c65e2c272e1967c3336af2b477ec12604400bb8e16aecee6567c9cb9d157e3d54649e28b9b2f920432f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab83F1.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar8452.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit