Overview

overview

1

Static

static

1

attachment-2.html

windows7-x64

1

attachment-2.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    attachment-2.html

  • Size

    382KB

  • MD5

    75e0a72645e0a1a8718888c705b9c937

  • SHA1

    50f5954ee88211c51c3e5cef6d00e80971cedc46

  • SHA256

    fc5f5abaf1c098586d3acbdaa1af0410a8c7c4ff7e3511c953e30bded4774146

  • SHA512

    3662d4f4852a2559e0f9f7726dcc1791d57a1cd211a2ee6d5210cbfa32372217cdb4dc3d1ddb61cb72ae04b34c3406924278946174d6e394f2a8dc179ad61376

  • SSDEEP

    6144:PFWFS1vGH+Ex7K5VAdSHyBHjvCxIANXOkVsigepLEDajIqoCYZu6Pr8P5rOj:PFsWvGH+Ex7xHhAR1IbR3IQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\attachment-2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a82ffd821586f35d3ae9e3cbec0dc0a

    SHA1

    52e4b490a22b79d01a6bedbd3d5c3fab7c1c3530

    SHA256

    37770147a315df63d0a0aae80ed6dea210fb062a8f7d4ea86e23eb9e67b38293

    SHA512

    f3285facd3b6ce7a9336bd22bf55b1c7430831742a59f07dfaac72561412bf32d6eaddaca769d5e9e6f07e1f0d89c9309664acf0eec597188b932af9a8d64334

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cbb7deefffa6b343a97f32ca12326fc

    SHA1

    105e82e5b749a2f9924f19bb3eebf8dae00f6237

    SHA256

    539ebed873959994dfa717408bb461011fc310e28dd3c635eb2dd23def1708ad

    SHA512

    58d1483faf0a7efd65bf2b08e8062eeca80b2744cc75bf205f2b8cba7fb482eb007de9447765f2e2c0c1b5f91e87406bdb6ee2217fab2ef585b98dc69a610186

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff153eb8a1decbea24392ac142fea252

    SHA1

    55ec177f05ffd331acf4909771d72d76fa19bd63

    SHA256

    dbc510fe68d150ad930a27df3de04221c98be6a9e806c38fc36a4267e828b137

    SHA512

    1fec75cf0eaa53ce8ba22b47d8de1896a0dc88c8ab61c734c300c343cbff06d2b8167bf83c1a503060648cffec2717a2bb4fa870bcfd1cd7b182f5530c19f5d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09dfa339af2456467d226b005a70f4a7

    SHA1

    26550f4c713d79ba75fc854b7c8f86fbe6819633

    SHA256

    636aa8b9b8ceee73e5e51f855926a2239f4b03e89d38c954253dc5361585076b

    SHA512

    9afda311186f8fce3da558df2e2ad3013575e094954aa3c333866d167bd19587e5d316d92e1a5f0f17a9a57a54167c094891292ed1b3a8acf8c91b025dc35694

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22ec2fa0da0f11837ece2726ed52de12

    SHA1

    0f42b97958f6ee67a96998e33622263fe6b83fe1

    SHA256

    9fe6dd3f130192be15e630895d651a7c3a82f2dddc3ec1d398148b1b0347ba59

    SHA512

    f0aad6ca9589dff90af2b581a2f591896b90c05bcbc214c3b6bcf1c5618ac69d0ec52bc319511e3a3d9d51b9e43e06201c2391d387c448e1f1b5d468b7227665

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0d6c4aafa8203dae551633ce991fb9f

    SHA1

    4f06768268bedfa12b1c0b6f05947e2438500d7e

    SHA256

    1fc76cf7a5eea79b81abbf442ea7476c9b839bdff76c583667f48965711169e7

    SHA512

    06e4f900f23b5cff0f0cf4a9824e9fb1a990200dd948dbcc87873610dade85912b6bba6feb44df9bf71bd99aabe5e0571c211cb488240b03b188d9662a377cc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b91fe1ee18c11481c7d7afefe232288

    SHA1

    e2b089d9cbcfe40d5940acc9d2f53afc30836f02

    SHA256

    5b11a9e0f6844fcbbbf89e075eea92a05bd1ad50cc20a14a0a76df7c82ce6d3a

    SHA512

    e6450f3519c04301ea45016acd49c8581f8cdb570773cf8ad9bbef6523a0062b8e8cd0f742c88e4fe802aed5b801df875cf098c4e89b28f989ad80577dec5b88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40d4248c0eb0ffb0eb3670acb0ef5a25

    SHA1

    35878ae5a4b57c609b241ad0b66bfdca564053ff

    SHA256

    9945f1973275ff4e0aaccb2cffb0cdd0a60a8bd8740b089885f850d82eccdb01

    SHA512

    38309c874f510d9130a5be76432d0c57bf9b96bd2a84cc13334031890ebfa0a2aed04156a47c33dfe5140cffcafcb5b1fa9d4c39707ab7e190b0d70e9978c43e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75908cbf5ed0c1b8e1d54e98d3fc1af5

    SHA1

    da131b82ae18496583522bebe0f8223de34bba64

    SHA256

    12cd07024fe30824c66c7fef1f368b843a0997976652b729ff46b94e97f26ada

    SHA512

    a6a307f30775c8fec78352a113d71318b5fea2b79038f31ae6519550961c4b61f6dcf7b21563b06d7da43b700803c5d0e5948f4394b22055abc1e10e9082c5a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab65A9.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar65CB.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit