Overview

overview

1

Static

static

1

sample.html

windows7-x64

1

sample.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 11:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.html

  • Size

    44KB

  • MD5

    2231bf23f6507904a903c1c59721b544

  • SHA1

    90163c9b391c3e65860f88cb676cf414e8fae91d

  • SHA256

    bf18f4678223b82d2d7c86716c36e96a4fa299222f1d24eb23f59c9cd06dc98b

  • SHA512

    ef2a3a41613dc471183b8d47ca4b062b59ed82c33b2bfe3b749c1d5a13b7f7d03b6b8b07614dcde9d2ddd26542b5e5830cfcab8cfd6e2963a4cea5d3a4672c2d

  • SSDEEP

    768:SO3iHQ1Us3Lk03J0FhdPP+8zABXOZkCr2lud:SO3iHhe4iJ0FhdHWweud

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 51 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
    Filesize

    230B

    MD5

    d6c4d9e2334914b73aea9cc86a90dd30

    SHA1

    e219b2b4db74d844fb21bebef0f9e6bb2eb520f3

    SHA256

    37472cc228790c00ca59f187412dfe3302ac0f849676a4919c4649912143416d

    SHA512

    300a39cf272065c1574306b94167e37ac1a4952fdd34cbc382a25d7306a478b31a420616c7153e09e75886dd919ad5ac5f96bd6778571f9e553eab05914d25f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e3d8e533906c2fb94a3921181698355

    SHA1

    a073039bf4d333e91269c3f1cbac9bdbbf6c5e6d

    SHA256

    c16e7fd4610a702544d5236d0fae9efd0b6713c65d7938dcedd574b55336b557

    SHA512

    10ff5dab443ca6a6865838f5117b29e406710d4b7122504d44bee87caa2e7e599f060dadcfad8a7b93a00d8b7686f96b51a212212808abb75ea48f42a776fcb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    317f3e38be4bf3ba3cd7b77d381f93a8

    SHA1

    08a28f782903a1199bbf8a7190295994823abf3f

    SHA256

    244b0b9120000030a35cf5e7f12ec42f50f882aef14498385cad9cf96dc4fa5c

    SHA512

    c2ad2c7f8114fd1789bdc511d309109dbe7440579eeeba58056b9620d41ccb430a03cf96305d3e0df9b64d2b42ef59865867482f25c2be56e77102bc3ace7d5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0e196160988dc18806ee995cc53625a

    SHA1

    0a2cd4868055871622716d58907b322adb4603b9

    SHA256

    7219460cb20a23757b71d2bc963b89e4a77ef51688af9f99f00de507db7c9305

    SHA512

    256c429f45a53f98c330fbbd55833562e9085f072590d9a36ab5094f5ce975a4e9dd3190800e83de1126226f6d4e9fffbee215c394c8b01732f715b4b4a6844c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9e05ff00635278773f7308ae8efb5f5

    SHA1

    25f01d056956a17c0ef60e44fc8527f505fee79f

    SHA256

    a0d5e639ddc8fb33dffa28e43a80d627da9b58ad1cee27da8159dc56f58a60ac

    SHA512

    ab69644e7060bde4e421edb3aa6510e0ec7958b90a8af5dddc1a9eeb5bb110f0b1c6fc994fd2dd9040cdc284dff604787983cb94b0778b230e23ddaa8a884593

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    941e089674d5b3e5fc8d7b9d3d95c66a

    SHA1

    157b8dac4253cb799e45615b71e5b9e8b4106017

    SHA256

    9adca6d55b4e6b0cc69574b05415dbf471012ae54011a363e6167c089f41eaac

    SHA512

    40d14c5c934265ead0747103f51054d16e43269281c6b727750a2ac531fec9e12e27edcb0f9f9e6da029cd85811cedd81c98e4b44880cb2c38615972a4d262bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1407da749b1e152fe1537186d6c44f5c

    SHA1

    2c95521ca4b60aa38457212cfe91e0b7902e3fa8

    SHA256

    a18b6de13cac017cbfb6746b1bfbc30d8d465950c3e2f4ac65525384782f726c

    SHA512

    4868c5d02afa75085e9c6713ecc1cfbf4a543028698227f0b313804440d13cfc82732ff613e41799d9000bab1f0d25bdec66d1f353ba91302ae9a9e11267ab03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f9027f26ee493d0c9a6787d5e4e98eb

    SHA1

    dbc987457fdff7a88e1d86d87514ae7baecf6547

    SHA256

    5398afa55f9f35b523db5c6a303b6d37fdd96de7bf9dec9ce53967479ce4d1a1

    SHA512

    5049fb3f1df404501af75af7dd4b0fd45e7876b50f9b95118fefa3ef0e10a37262c885ce363b9dc09c1815a224dd7e90249ae319e7dce57f7289750159ddd208

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de177bd42db178dc0983a55503c35154

    SHA1

    a2f08cea9ae596589d1a71f813245f7c99137da8

    SHA256

    0f24d8f2615d2f171933e40fc87595e40413d8c08749edc2b8f98ddcd415f415

    SHA512

    086e689d4e9a562e348850734e858ccd6f77b950b58904f2770ddcc86978cad0314d5e0eab6d357084f579b523d9eab4c81993d3596d9aef92f91961b302061c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    655b7352deb03fdc6f774fed7930d138

    SHA1

    bea0c016615dd6978de5de789bf66bfa8473647c

    SHA256

    1c3711ab5a0dbb8261b470e75d85d11ff06bac321e8feb052680f612dc5f9ab0

    SHA512

    4c890f26119ac1eb7e56bb11b82d7fb1e763915d7b1e622ab14dd9ad058827f3af4bb22e8d69f2e65b9337b02be6d226c21ce30b1da670b02c35d4bbbe61368c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    012f024addd265fe09521b02ad81096d

    SHA1

    a6f0a66e1c6be6fb9253ffd222945ef4fcc163be

    SHA256

    118b5ff18d45b030cf627c509c5d03e86de8f2b0b4d3795a80e31705bd813c5d

    SHA512

    0376562e940cfcf676022efc817228a8c80230869b02c7e87a233b48deff6235e5a05fb3a4fdf968667ae9661ada14909f56ac02ad89e53f714c9548f106a0df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e82cce256e2924d18f023693b68c26e4

    SHA1

    831b05f4f6ee51b1ef58440cc18c16b58c76ea0e

    SHA256

    c18b167ed174b2a4a7b7325abee74894ae534914c592a6910a1ff3d31463f484

    SHA512

    aa5cc068ebd980c93a6e39b2586721c5628f98351fb7f94b86b462f9078cc0fd569690d078ce8b9bb37fff5ebc0db177519d0fe06ca5c2df7b33af32c4ccb01c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    833c3c7add0c6cbc4adec1bf42da63db

    SHA1

    b6aef5cdbe012dd09960d6dc3fa76dad222a9181

    SHA256

    3df9aee24fd02febe6310b5c5c40b0e7fa253fa9f5a11283721d49773f209ff1

    SHA512

    cfaaef3acbf38e60136476c14f792396a044dcd2ddf924fca698065f43d04e1c263d6cc8be025fb6aa0e3f8e4be158799f458079adcc41ffddc9dd82c742082c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    115759dba5f34bd22fff373312ccb1c3

    SHA1

    439181fca3a657323090e97101a2181b3c0656a1

    SHA256

    8ca1706b57e72476979e6bfa472c9d4a97ed70894b129ae23513c8eb4798688a

    SHA512

    9ed361afa952f75eba50271de40f100844c7f93d88866aca1f0e42787b93cd0c1ec953743f413dc7ec2c01d4f20b52f68cf4c2f9c6eab2b54dac581dd73bf92f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0249adc5c6e53e7998c682fc8e2131ac

    SHA1

    e95a2051aa22faf32ee43888daee2a0721fa6fd4

    SHA256

    cac0ee04297a3ac802df0857507063c02a40b8607d25f4c39d9538fcad8fcbd1

    SHA512

    cd91104ae7305a1199d4b9674aa267f2ef8e6c32f91cd2815e04d677e652606fa9cbbfb6d4c92bf734c0e09483993931f9f61400359ffd152dd49b7045db814e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c18b7cf7858a1754d754b2f7a15fd228

    SHA1

    bc76c5e2377d81942e8e54ab92d92a65b3f354e6

    SHA256

    67bea7158c1f9f82d372ced1b7f9bf83eb26daef5fcdd66d292e17c004dd6637

    SHA512

    4c189a907262ed1b15a61d0789ea209b482bd16f29993da7ac22410ccecd27604a5bf16a1cd3ef47e3b8e9e2a37793b84755f2acd378371660533c948ab5acf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23ca2870fab4b26ada5874926a486a7e

    SHA1

    163b1dfe60dcd820bdcc903062ea8f333d6cae65

    SHA256

    d4983059de746c1514d860e3e5133f1769de50c63f372028719d459b0f4630e8

    SHA512

    907a839fb6bde9c92f80546fcd0d55618ce34f50b9c1a907b61741b660470089d7a92d46017596b7225f53ac22ffc95e1c96d916fc9f40bd9b7f1eb578223e36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    195298f0aab576f58ad32530a0ca4bc2

    SHA1

    76ace9f89acd3d219c2b9fad2855572814f50f5e

    SHA256

    83250ebe3f06f51b09b0163b492efb6a2d8a4fe399b64fe9a4ed0142c17836c2

    SHA512

    67990674073fd376ef5848a7ca1a22db9b3cdf3c84aa90a6583180425ad552871502a6dc0fb17771324bec52f33492a22139de26f6e5722effbca79e7b46d2a9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\21AGNVXQ\www.google[1].xml
    Filesize

    99B

    MD5

    1309a2831c648f0d6f1ef5b0ad5153df

    SHA1

    6601f5cc58fd9e28efacc0e91c2ad421a7de0d9f

    SHA256

    7322fd8eb94bb9d8ca54656bf6d5930211d813ce29f912b6182cd141bcca031e

    SHA512

    f4a13cc002659b45c2eaa4831b19642f1164d95e9e2e9e1354442be6f4f918edfa2f7edff129cf23fcc352439d3cc3bbfaf27a6df5eeeaa026b770e678e33a54

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\rpc_shindig_random[1].js
    Filesize

    17KB

    MD5

    f019fdda31635d2a31b151ad8ad56c7a

    SHA1

    6adcbec55f66ffaef83d9a134423aa98eb2a2189

    SHA256

    c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

    SHA512

    fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\styles__ltr[1].css
    Filesize

    55KB

    MD5

    eb4bc511f79f7a1573b45f5775b3a99b

    SHA1

    d910fb51ad7316aa54f055079374574698e74b35

    SHA256

    7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

    SHA512

    ec9bdf1c91b6262b183fd23f640eac22016d1f42db631380676ed34b962e01badda91f9cbdfa189b42fe3182a992f1b95a7353af41e41b2d6e1dab17e87637a0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\478691279-postmessagerelay[1].js
    Filesize

    12KB

    MD5

    92169c8a0fbf6e404267d0705cdbdf42

    SHA1

    a5cd88b74ca5ced239cdbfb458fe25540d671f46

    SHA256

    dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

    SHA512

    8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\f[1].txt
    Filesize

    34KB

    MD5

    d854bbb2246d993bd1f8687e79493f60

    SHA1

    28fbae93bc5e4e99a6c905fdda488be72057c307

    SHA256

    707248d75606cc53aad966797dc2cc86997d1ea1a74b1c99b9191716600c74e3

    SHA512

    ba4e7ef0a590c84310fb36ea64202cf821058eb7bd52ada1cc9fefff544b7500bf54a8ee43ce80b6cf8989071b0deaf2bf9a50c8063c192f24063f318585c3f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\recaptcha__en[1].js
    Filesize

    502KB

    MD5

    37c6af40dd48a63fcc1be84eaaf44f05

    SHA1

    1d708ace806d9e78a21f2a5f89424372e249f718

    SHA256

    daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

    SHA512

    a159bf35fc7f6efdbe911b2f24019dca5907db8cf9ba516bf18e3a228009055bcd9b26a3486823d56eacc391a3e0cc4ae917607bd95a3ad2f02676430de03e07

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\cb=gapi[1].js
    Filesize

    64KB

    MD5

    ee01651d160cfc55249d6011a3c45916

    SHA1

    79d6121df6575974ad21dafce33ec98e3f2f0a7f

    SHA256

    639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9

    SHA512

    8a39dfc1ff2c58ac106225976aafdaf7befc0a28903a0c65e2c272e1967c3336af2b477ec12604400bb8e16aecee6567c9cb9d157e3d54649e28b9b2f920432f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA057.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA088.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit