Overview

overview

1

Static

static

1

1110573d04...6.html

windows7-x64

1

1110573d04...6.html

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 06:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1110573d04abf4650c48a8b82c775746.html

  • Size

    178KB

  • MD5

    1110573d04abf4650c48a8b82c775746

  • SHA1

    ac0be7956d0478c7b5c6768c8b182b5d4df958ee

  • SHA256

    57d058b48f187213048cdb85a192a76e1e5f868dd6a32d723b29cf2417327a8e

  • SHA512

    6eb7d54d82247223fb2d33e822131000aeca6f1e26a2e47108106fd158a68f548d3104fb68a58e2154fb6ff4c7a198d98a06b8ece04de1cff28e9f9397d1d37d

  • SSDEEP

    3072:yT3IQzomw7bRCo90iP4e4pU7+WvHY+JZj7h7u4beMBRrFX:uiqc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1110573d04abf4650c48a8b82c775746.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1684 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    00d05bdfae83dc1a7581977aa309749a

    SHA1

    ff38b1f051402e79fe43ce11739af1f10eb2af15

    SHA256

    ccaf3f38f64877ad3553e8f7b568ac5acc04a1133ea462733d7ff24cf27b0ce8

    SHA512

    b8aa97b51fb78d583511882ed90c9c1b8de17f5a5c338ec80b928d1728e923777e0b3855d6e71db0fcbe2fcdc88cfdff0ba36d55c946fa7b8e4e77fcde0639ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b50f5e93890bee280e4958bcc2926c3

    SHA1

    44d202ec6ce2c37cb99defd2fe38537c013430fe

    SHA256

    b28fcf0a986cd770debbd5f7566b59f7bb5e564a49ea261bc2fc05909447c335

    SHA512

    09921d1a63a056dbdbd090f3cd66c6c756675042edbc4781081b7d66d97688bceec6370bbf1967a299e95eedbcd40c98651878cf47af92b51387993aae3fa48d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74afbb7104252aafcc4ff7c2a295316d

    SHA1

    5d1a44ca8465add10bd9bf6b616321cf52d78895

    SHA256

    c60d86669bed5e82a07102a930408931abba583808628dac3b71d140c8cadd66

    SHA512

    bb1b191ca9ab82205acac78f5d5650802e205db9cb2fd09a9b34e1e621505f1769be6e02484544f3a94505fad5e9acbfc8639ec0ab177b994636c7c43caa58b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1a6dccf00b5041cb0678a7883ab96d7

    SHA1

    57659ee647b84b59babee70916e3b906cfc161b3

    SHA256

    78a2379f165d6e115a725aec8ddbda386bdc8c3230ca973eb6963bfd7544d3a8

    SHA512

    ae393e480d071414571f85e8bf832d58d4dd92d0aa77c48195b4365ffe3eaeb7e96f41455cc290cd03d0a5f9c2e1ecf1972363263f0fb595ba669793f8931bca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7ef2901cd5cd1d5fd45fbdb986557c3

    SHA1

    725d1358265b31191713f8e7ad72e75bd64867b4

    SHA256

    2df49202c1cf2f368fc9ac4ebd2cc574a65e7eb90ea9b407cab00f6f29e6764c

    SHA512

    fb364ce585fc4b8c77b69ae8c4d79f5f02e6c71440356d4496c448ee01ac70894545fd2d1b2e2460e32f56935446b59fba87e5f0b109d91ded81c9375c6fce45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfb9795a1e36a6b4922787f4b32e2b18

    SHA1

    d11a20a2f57033212fb313b60f2c22d9f0d1b0ec

    SHA256

    f752a08a04037e28b3e19a24f83dc9aa1415707856485ce902be126a51801009

    SHA512

    accfcee959e682c95f5042130be0cb5b0a9f3150db85353434f09d7b57953344a388454cd47f5bad30d3f91f4141102f723287d839b506c9f489f1a45646e974

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    998af6e682684f805f4b909c70803a06

    SHA1

    3be0ae825483ec3ebc09a8f70499959a8fc234b3

    SHA256

    260bb6730866fa845a1ce9adbfb0015c43c680e48baca184f61a45ef86613e65

    SHA512

    c2f10a33524cca9be45f759fe6ee2b0de2fb30e146b0fa29a9c5a40e037b1b2f64f20672a29ac997753120cc9e9df12007b51aafb7dc6d4394039992bfc97f92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07963009fdf7524afd87f49889817c90

    SHA1

    e71fcfd7bf7eb0f456a0ef946856c75cb5a11812

    SHA256

    789b940397d1e9c679e5f61954c41f4afeee11567e7d988a68fba45b4dc8e84c

    SHA512

    4a5d4752683cc3c3ef3f81efa0a7c457b9928793ee672ff9d67bd9f33773f6a237039505eb81d7bc4f926c414e6f82cbc5407f980ce2da217421e0fd7175b9db

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3F2LH07\478691279-postmessagerelay[1].js
    Filesize

    12KB

    MD5

    92169c8a0fbf6e404267d0705cdbdf42

    SHA1

    a5cd88b74ca5ced239cdbfb458fe25540d671f46

    SHA256

    dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

    SHA512

    8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3F2LH07\cb=gapi[1].js
    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVBRC7A9\platform_gapi.iframes.style.common[1].js
    Filesize

    56KB

    MD5

    f6140cf2e81a9d5b9bc96970fe1946f6

    SHA1

    e18cb20a08d0c13d44b72e36e9560aec2187abce

    SHA256

    68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5

    SHA512

    1f61bf7228ae9fc1b36249223f4ca0675da05beaa6c00b28b7fff500e0527ee237d139eaf6793ece67f8730dfff0207bf945a848795aab7c57301433449a8acb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVBRC7A9\rpc_shindig_random[1].js
    Filesize

    17KB

    MD5

    f019fdda31635d2a31b151ad8ad56c7a

    SHA1

    6adcbec55f66ffaef83d9a134423aa98eb2a2189

    SHA256

    c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

    SHA512

    fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5756.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5833.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit