Overview

overview

1

Static

static

1

0f48bf7e9f...4.html

windows7-x64

1

0f48bf7e9f...4.html

windows10-2004-x64

1

Analysis

  • max time kernel
    176s
  • max time network
    207s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 04:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0f48bf7e9fc0e1cadcd3c06e5981a054.html

  • Size

    113KB

  • MD5

    0f48bf7e9fc0e1cadcd3c06e5981a054

  • SHA1

    e3e4d46b88981076f061079698a1f8e8b2ad3d02

  • SHA256

    16639db71698866e6ca242c4f447d8b196f276e9db847e6785f9ee2d266a6617

  • SHA512

    a9cb1397d475531ad4f95589c88e5e78015e20671d3a7a69849f196f867a0d2e414d2fd9a4a781c5e271f34f20f3c40a73cdfdade6fb3e3da636f2e25a880c76

  • SSDEEP

    3072:0ZE/Sdu93MzhZOB41liGijZGeilDCv5C+ZMft+2szPp:0Z1hZOIliBY6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0f48bf7e9fc0e1cadcd3c06e5981a054.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2788
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2788 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    194a99f130bd62cee985e0e2ddfc5ebc

    SHA1

    a12c9411ceae94de1b982719bae238c9dd72a600

    SHA256

    52da701bd075bb9f5d18d1e487864f03540acaaf57bac3dfa76af7db1a638ea0

    SHA512

    df934e551b824a6b2636b37614bce3ddc09ab1e239838e5f0f4b74a39f2ee6044943f02a2de7bcebb1d787916b340f948a4a8946ea3b6871f98fb959117667e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1eaf980626ad9584866eb51bf979532

    SHA1

    0ec21055b8e947d55de6390977e47953d620eda5

    SHA256

    09d04fc7fde556de7b080715cc769be3c48e666f421a96780f9d134b3ca7a43c

    SHA512

    01cad769ae69ef69526ba64c7722c3662f794e7465a1915cb320ecae5f6c394ab64fd915bdf1b09849e31e87d0ef7b8de6d638498f4266e5568d0afd386477a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6d2782186b56f4a7fda1607d8ed2832

    SHA1

    c0c8d36e7710e39f26ec2f7406d52552807195f4

    SHA256

    66032eaf5b4bb2e1a79645174cbbc6570ac8c3713cf4352780c4aa549b33f0a2

    SHA512

    a7512a1637628c1dcb960ffb3ac812255808a6a7f6de8b715666cec40fc23942a5c53d93917ba55d224cfc246bf093296645dc770ac39778f0df2baa534a0041

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f8a5907b4f1d7a6b6de89b89ca6c771

    SHA1

    da01ddf0e30fc44754de41a14853062d7280b52c

    SHA256

    74ab44112f2a11f5fa6968ba4659c0fdf85e0453927518d282c527baf4729971

    SHA512

    61bef8039f119b0a9952b917ec4e483e4b1b0015d1d5dd82d10160d281515b82d05f4f718f86b040c6a734dc0ee4bd00e768ff85ac56a526345c39d8080ce96c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6abf297394087db96516b01755bd0e0

    SHA1

    f5c7aeb4bf121238475280d9199456fa4339dfc1

    SHA256

    6fff7325c97af0c643fa011e60e00188c3f22159e4813c3531027b0154baf36f

    SHA512

    2d8ef2b274d7ba27789ab5dcadd8a0990e5dbf8781c61d63df814c5c3b7411fcb98bda2cb11b448819485a0823f2f8d31a7c4ee57367ab5b416f03ec68722761

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0490cedfb1d32f0ae5c39e374b211665

    SHA1

    d3e90271f5df97d5dc04e14eb8a4dacbca6b8df9

    SHA256

    f17fedc67de5a8461374c5a7d44d826ea2acf6d565e6388b3a1e910768487461

    SHA512

    b42ab0941e1a307dc6d388d65dbef6c43e856f760eab9c7accaa735254a9989b833f72984882d03d6ed5dbc4933cb310648e0631faf482bf6d5c13f365e12a37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    750fd4b924a7ec35a8ac6c8a46313b4d

    SHA1

    5708e3f22446756a533a22239f579b5d119fec1a

    SHA256

    6c631edbb08fe2a6621b383271ce9bae369202b59358533f4c831b312032c9ea

    SHA512

    cc19901aeeb6083d459c4df90a3fcc84cd7e6f61335f5eb107af782dd8ad9c951d614a6e791da34c4920722f2ab48eb3cef50a2958fc19744a50fb184f889400

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f9bd39e26fc3e5587ddd1baf572689d

    SHA1

    f1d579041f719ed0994af513e3b1be10de318774

    SHA256

    1092c7897e7fe224279d5c122998fc0533ba799d94937949bb72058c71751831

    SHA512

    9723d3f61f9ac857614c9f5f80354a7f59b80e7bdc1615b5760c9ebde4c5d43127cd6e829dccc91e9e5c814033675c6a8b57942c06075b7ec5be1c30e07998ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bd3e02c42442b6ecff140ccb1b9263b

    SHA1

    9978829a2d9f5ba0c29d7aef16c58c9e94beeb5d

    SHA256

    b25b25c72dd38f04041226cccaf355f31583332d161a0333ce412787daba7692

    SHA512

    ce60d86847af9fa04c462c75aa0289ff428580904fffb35e8f97b7726438fb76a9befc40eaf7aebf400bd4c02164c844d17e75098fe97d3b8ad04e0119d866de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47320f9c924662d2d92dcc12aa1831f3

    SHA1

    3cf065fef05c72c314d770026a0f9584b027feec

    SHA256

    8adc289dd5b473869c3651c00720eda28ff64f4e8059cc0479b0493008e742c4

    SHA512

    804d6d7d2513b64fc194ae47f9998f4b54774d8f2f8ed419f169789be70fbfb5de33052c89b900bdab87a661f18266bfafe8709bcc72e7c0ad5e8233fc54b756

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E25VF8N4\cb=gapi[3].js
    Filesize

    48KB

    MD5

    1f6b1425cad15c8901cbe7166c3f1561

    SHA1

    e91ac716dd0e5a36b0ba6eadbc8fc7b53ab90d59

    SHA256

    58afc1f9f962a40bd24bb910fb69367c3b0873d0030ac5600ba09ad995394c13

    SHA512

    200600e714395249f7fc1bee2cdc691be63083730924a4ac13a5a7ba0caf59774df26dc7d69c2844e576c5e25f48566e3587ae3fd732a342909f2edd75f92f75

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT4IJQ91\platform_gapi.iframes.style.common[1].js
    Filesize

    56KB

    MD5

    f6140cf2e81a9d5b9bc96970fe1946f6

    SHA1

    e18cb20a08d0c13d44b72e36e9560aec2187abce

    SHA256

    68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5

    SHA512

    1f61bf7228ae9fc1b36249223f4ca0675da05beaa6c00b28b7fff500e0527ee237d139eaf6793ece67f8730dfff0207bf945a848795aab7c57301433449a8acb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6F3A.tmp
    Filesize

    38KB

    MD5

    b9e08dd59a72c8ea22e04811693a8493

    SHA1

    0750dfb4139737204735c9324fb6f4224670be07

    SHA256

    91ea2bfd9e1daaed97ef33dcbb9a1e609ce0eb16c73eda2707cb9cc9d31d9f44

    SHA512

    38d81a1dcdeb33a596b190937219b9bc73576e0ad773fd11fa775bdaf8ddcb9634730809b623f94304a46fff547742ba0cd2cc4d746ae6a97f65e4cf0735899e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F3C.tmp
    Filesize

    29KB

    MD5

    7f6e82fc3b0359a485554607d3a45efc

    SHA1

    c5bcf0d1394ce7a056fedbf2814ad94535d294db

    SHA256

    ceb2cfc22328242b4569a2e75582b1152bb7cd515c55f47b0944a194c52541f3

    SHA512

    88391a70f7996abeb91f220e9b226ef28679e2a380058554593ec03cce590fa30b0af361feba3d5f630974e554fd7eb737cd53fe84b85fc72773ead349b5d544

    Download Submit