Overview

overview

1

Static

static

1

Excel/xl/l...st.ps1

windows7-x64

1

Excel/xl/l...st.ps1

windows10-2004-x64

1

Excel/xl/l...st.ps1

windows7-x64

1

Excel/xl/l...st.ps1

windows10-2004-x64

1

Excel/xl/l...O.xlsx

windows7-x64

1

Excel/xl/l...O.xlsx

windows10-2004-x64

1

Excel/xl/l...J.xlsx

windows7-x64

1

Excel/xl/l...J.xlsx

windows10-2004-x64

1

Excel/xl/l...ck.ps1

windows7-x64

1

Excel/xl/l...ck.ps1

windows10-2004-x64

1

Excel/xl/l.../ga.js

windows7-x64

1

Excel/xl/l.../ga.js

windows10-2004-x64

1

Excel/xl/l...ery.js

windows7-x64

1

Excel/xl/l...ery.js

windows10-2004-x64

1

Excel/xl/l...pup.js

windows7-x64

1

Excel/xl/l...pup.js

windows10-2004-x64

1

Excel/xl/l...ins.js

windows7-x64

1

Excel/xl/l...ins.js

windows10-2004-x64

1

Excel/xl/l...e.html

windows7-x64

1

Excel/xl/l...e.html

windows10-2004-x64

1

Excel/xl/l...age.js

windows7-x64

1

Excel/xl/l...age.js

windows10-2004-x64

1

Excel/xl/l...ck.ps1

windows7-x64

1

Excel/xl/l...ck.ps1

windows10-2004-x64

1

Excel/xl/l...x.html

windows7-x64

1

Excel/xl/l...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 04:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Excel/xl/link/Excel/index.html

  • Size

    999B

  • MD5

    179a9b4449878ba933513c4e0fa0246e

  • SHA1

    dcda6e8b2403d13df5bf37fb446045cb2519effa

  • SHA256

    8fe5f22ee93b4541f93134769bec0757c0e22bb9b76b905769e9763e3b0a53d4

  • SHA512

    cf3ba60927871b8ef4ce7e477db8892ebf390bfd91f1e1c43d80f96787a402dea93b0f6e9dd4f19e516d3f74c3e80e358db4181751c01c2395ea0ff22c8af79e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Excel\xl\link\Excel\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2944
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    b7a5de460c55459474752ccdeb3a9a75

    SHA1

    4c2e22fa290f146d92f51c1202cf0f384537ac9b

    SHA256

    0b87033dfc1f127ec495d92c25305d46418e5cd00af8cd9641ca3b84cb591ea3

    SHA512

    c06db82a71abb41924fc59c3a9963dfe179a203f0cd72a456faf0babe95ce3ac92a7fe9da348017a3105f2920a9dac3816bfa2f9f6a61071aa78eaf8539785e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3386b0317b63f3f34d5fc90be5655b8f

    SHA1

    9e8cfff0a54978024fb5347553b26bc5246473bc

    SHA256

    5e7ab21d39d1d59a4c7ed3239d029266776fbff212259643e7e0182dedf43aeb

    SHA512

    7a4a18554b3e911a4cf49729c2911f85efb2dd1a342609f0f27d7270bddd11cc76f4cf507f1c187f997d903e351141b80ccbb8115b2bb8cb6d80a561944e0c68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e36adbe81072ab131eeed82291aa7c0a

    SHA1

    c1d400fefa50e65dd74e16bfa36ba94f6623382a

    SHA256

    3cd8477c21aeb0c4152deb99753c50dec54186cf46bf171c893f022d14918ae4

    SHA512

    a42e1b77b4750f0e2f500a7c001ecef9e78bd139a5ffc99979734e4d71b821d4456913602f2441ae07217ef194bfd5816ded5576f421c940a761ab42019ad3a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07fcda933195517175cc68ed25d5f9a2

    SHA1

    97a47ec942d0777e80b217028e570260914272f6

    SHA256

    d6c3d7935e8e241482ec34e3a6b6412ac8693a51be4db642902552649436e00f

    SHA512

    1c9620a3798c1b751364874edadb7848adcc08ea6463873d43e869df597bee61ebf8f58406d80a13c115d419e1f057405ab84fb2e1f7c604f8efd0a65e061cbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b7eef147288abfbafa4765460514f0d

    SHA1

    8bb327c45592791ff3820da3af28f68607efe9df

    SHA256

    dc4580ca1e57a37364395ad4dab8c87f788132e9aff89ee1b3657a986fdb38f3

    SHA512

    69ba1e54cd841e7bc1d7982a209ddbfae811cf594ac98a0ce57fd4f23a2d277a8af198107fed094739b628e527953e31bbf0c1a1f07fbcb3164ebcb37ac1054e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10d1ca11d1310c6af8f2c4d22d3c3e4a

    SHA1

    b2dc9b2792909f48f05760021e49f22217a5a56e

    SHA256

    c9c2125a2db419cf032ceef1a66b8e6f796d0547204e1f9faa2a108b243821c1

    SHA512

    b1908f24d1b9c0b789ced2034af90cc4fc8d0633d4dd0e7f152808dbea43227830c43f2a6236d9d40a93df74800ecd83b74d87e113cd21fbe070ebfe20762ae0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9eaafcd4b1474697ca7d41e55124f8a3

    SHA1

    666fd110a067b5b1965159232f38da94f4eac74f

    SHA256

    cceb7518944ff34f72c5366e29c8dc80d48f753042db3e6ce3eb4d7503ff5f8e

    SHA512

    592855477d28be1f7fd930cd8c8d420610e7efaa25215011834a9cda0fe1f3d0c3bd8a9ce716d28eba3b327127a5d8b80a975fc7489200b17b981c6573abc49f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e65317db731f58477b14b947b93988a5

    SHA1

    92ef6702b035cc249d26cad68744cff9e9dea64f

    SHA256

    a5f5ad0bb9f164dab751abc62c7a22fbbcc8b04090540b89adce1554828c13e4

    SHA512

    f1b647746e5ee8368fb6abb2e14112748b3a1c21b558a16a49ea333f755486eeecee0eec39edccd708b80cdc2c8c88aaa2d1edc3fa6420a8712add0df654ba4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e6e25646e5e437590dbdc8bdf30a278

    SHA1

    2eb0bc371a7583b111fa48f1fcbecc9100044506

    SHA256

    16ea645e4f95f8c80b380b5ea7396e98d920abc55abc9e22e7b991607bd3d69d

    SHA512

    038ff27f415051585b33abfcc80acea4ac0b108c02698f5d956f6d5ac6ea0877fc0fa6afdc63579cc303ccc54f0ffb54f5846bf435923033bba2d71af2b09bfa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    1b51c56d1ceeb22f85c4dac7f59d6927

    SHA1

    780e034a49067b55a7544480f9ba3fdb4173afb1

    SHA256

    b7b167a6c0849eb6de8a682fd39df5eaa4007e8d00a32012011cb59e999128e4

    SHA512

    2c61110974d511ccf30c24d6d4fb9b5246efef75058fd0fec9dcd8d4d65b77eae0743b8fc10b5ea93e46b827415ff466efff1230febf13032f70bb47c3bbf359

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d314838dde387d4a9c28260be4fa2a77

    SHA1

    c30e1cd97f367f5b2bfb73d8ce20a78156e9a3cf

    SHA256

    f269603a6ece26aac7749b4657cccc82eece9ae847afc81c822e631c262c7ead

    SHA512

    55ab62ac43e273903e0088f34dfdcd2ae1625c93864a88c48abb1243a8a80e74761555e949358d2e6a8dc98fbff364763f80d6f838e000f958083c515dbc3fbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit