Overview

overview

1

Static

static

1

211c119300...a.html

windows7-x64

1

211c119300...a.html

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 00:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    211c119300d0a17ec4cab09bc819426a.html

  • Size

    70KB

  • MD5

    211c119300d0a17ec4cab09bc819426a

  • SHA1

    3d067f3754c15c48d3c7306c4c6295a6dba69f94

  • SHA256

    7c6be653e671438e794f3ef032e41d7835a4f388a01a88c44c35cfed1b56f963

  • SHA512

    3f54f3939f7f78ef0fcbff5523da2ce2b41d5f7e968b7b06c88fa03150cbe0b25573686638c5c200d5e2229e31b33f3ecaaadcabaa38b9aa919c180758c5388d

  • SSDEEP

    1536:qZAPAFBWnhpjVOXO2afggjt2eVUDDkw354YLNEoN6:qZiAinhpjVb2afggK354YLNEoN6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\211c119300d0a17ec4cab09bc819426a.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2712 CREDAT:17410 /prefetch:2
      2⤵
        PID:6080

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verC813.tmp
            Filesize

            15KB

            MD5

            1a545d0052b581fbb2ab4c52133846bc

            SHA1

            62f3266a9b9925cd6d98658b92adec673cbe3dd3

            SHA256

            557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

            SHA512

            bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\R977VUU4\cb=gapi[3].js
            Filesize

            133KB

            MD5

            288c5ba5b7001fe841c32f690f62cc93

            SHA1

            29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

            SHA256

            c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

            SHA512

            e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\R977VUU4\plusone[1].js
            Filesize

            56KB

            MD5

            1944af3661da46249991197817b6cd8b

            SHA1

            f952df40ec79fafc7c798f37aff92878977376ed

            SHA256

            63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

            SHA512

            0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

            Download Submit