Overview

overview

1

Static

static

1

268ecc4149...d.html

windows7-x64

1

268ecc4149...d.html

windows10-2004-x64

1

Analysis

  • max time kernel
    16s
  • max time network
    177s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 03:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    268ecc4149b49f24cdc05d66cdc9448d.html

  • Size

    104KB

  • MD5

    268ecc4149b49f24cdc05d66cdc9448d

  • SHA1

    2a10abba26e73196ce6616007dd73d6780a63dae

  • SHA256

    329ec100edce06f05143c5fa2d5efc6d6470cbd8010926afdc004463a07a829e

  • SHA512

    b7a213ba71a0edc645c6aa5cbff7ad8844fed5640d669da73a56edc1701af45dbae827ebc15a1b5b909d3e8d4615d8c067f69ae72ccbef333ac4a53116ebd70a

  • SSDEEP

    1536:JnxHHh2hBEbahHu/t3HI48Wq/H13g2tTfz042OOe4qqqRm4L9tEdt5:zHB5KOF3o4/qfdg2tzzy8PNL9t+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\268ecc4149b49f24cdc05d66cdc9448d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
        PID:2732
        • C:\Users\Admin\AppData\Local\Temp\ICD1.tmp\FP_AX_CAB_INSTALLER64.exe
          C:\Users\Admin\AppData\Local\Temp\ICD1.tmp\FP_AX_CAB_INSTALLER64.exe
          3⤵
            PID:1764
            • C:\Program Files\Internet Explorer\iexplore.exe
              "C:\Program Files\Internet Explorer\iexplore.exe" https://get3.adobe.com/flashplayer/update/activex
              4⤵
                PID:1896
          • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
            "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:209949 /prefetch:2
            2⤵
              PID:2076

          Network

                MITRE ATT&CK Enterprise v15

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
                  Filesize

                  1KB

                  MD5

                  17b540f513c83e8ca61b59235875f974

                  SHA1

                  7256d0340667bf647de8f91646ad32dfe188ab32

                  SHA256

                  7040b15512de550910eb66238ea7b1e6ffe00473a9f596d03cc692aadf3e174f

                  SHA512

                  334c675f46c36bf1b6751b6946a6e6253b67fd2f6e077f6297b490e869e948982eeca65316636e614092c515e0243bc022d704d43a31796599e5cab8d53eaab2

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                  Filesize

                  344B

                  MD5

                  99887a5c7725716e06046040fc876c24

                  SHA1

                  e0eb26658ab80e3b78e1342b387279ebd094941a

                  SHA256

                  45f6de6efb674c79aa7a9461b7c2c6cf5c878ff764ab468026e00b08f11a0bd1

                  SHA512

                  b1c98b3612964c62e0a439fcc22da489e8c13341bd5fc766f5c39390f2699288126859902381637a6148875acd66c7b2eee4de6b3595bf4b179aa47c1b2611bf

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                  Filesize

                  344B

                  MD5

                  877583f4cf4ad879a2942e27c249581e

                  SHA1

                  7534689b9be87da8fee81ce63d5c82e4c71377ee

                  SHA256

                  9c44d9a7b1206df5a04abc947838805e54d6bdfa533015b4e9d63a0bda06893e

                  SHA512

                  d08cc9e9049c1af25ff46cd84220471d5ed596064625740fa75680bebe50d5a26a2f78413191f1b0d4dc3631285f07a7d386900c63e107c0c4df4ef15592bfbb

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                  Filesize

                  344B

                  MD5

                  a8406dcc3d17345c3fead7d8d7aca0af

                  SHA1

                  6d660d212846a8991bab926eaa213b2572e9aa09

                  SHA256

                  7d9257547e5c0f01e92ef14091292e8b95ea4860d6a2c182101d298587fea8e3

                  SHA512

                  4738f91d48cc8a9b9ea0458c813adcdca1bc1211696248e74e204e9480813126c6735c8e216f8c24df574921ad862aa31948d58027e68bff6a1d2e7fafbff29f

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                  Filesize

                  344B

                  MD5

                  4663032305f068b769a3a147b95c499e

                  SHA1

                  19dd7b52b02b7af86580b1576e8607ff07fcce54

                  SHA256

                  0f104f88d36f9775fca644a1caaf8c6a75b951ae63ef09b7b26f174a655858a9

                  SHA512

                  c15567836714d6e8e1eca2b2451e2c3c2ca7be40e4660c1fbde1071b3395945c64b5c9eb4052098f04fb16c30cd8919f19cf17f47ec400319facc5c16fe38370

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                  Filesize

                  344B

                  MD5

                  eecc5fcda17af62b1ac90211b31f0d6b

                  SHA1

                  f64438fae958aa183e5f4f76c36ace27e1584777

                  SHA256

                  db966eb972aa5dae5b3c799a4de2d48dfab4cfb310546d1e18b557516976c338

                  SHA512

                  e7e4c43ea72941eb557c3b61798f02309c73dc3518256175fe98d74638c3dd110ded5e86be2490dd935b6a6017fccf7fa1a8ebbc5b29f3e1da2e2764e23a47e3

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                  Filesize

                  344B

                  MD5

                  e4df82959c5a357173af460e3bdd73a1

                  SHA1

                  09f2eb09319737092dd48767ca3d9d422a0342b4

                  SHA256

                  20f36d6235ac1ece4f7df1063a8b71421ed3a1b8fc585275914fc97851217ce9

                  SHA512

                  618f756d69cf18e6b93bc3f1f2ba94bf3f079a2d58cbecd46393c9a0924470491f3e958e6fc8e5c97370d7609c5c60ec2c379f9a7b39fa1e2a7979a893026a14

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
                  Filesize

                  344B

                  MD5

                  a18cc154a68ab89211708e01d06ae274

                  SHA1

                  c08d1a386153bdf0d6ccd03f73881e8ab31483f8

                  SHA256

                  e62ed526c0ded56e4d1ece47c243d6e23bdcd84040ec75a8bb5f34081303dc84

                  SHA512

                  b6ee6685203755b0c99be4f3e1043655ce9278284a58834a636375da4cb8177f09aa471e659e7ccf968e4e693e6bbfb3282dc3cabcaeec3a97cb3648cd428496

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSNXCBKV\plusone[1].js
                  Filesize

                  2KB

                  MD5

                  1dcca94f34d11a87bd1cde0a92969c8c

                  SHA1

                  380ade533b1ba7c20e23e3bdb3075f7c209f0668

                  SHA256

                  11377bb92d3b84830d05f437e90feb3f3b7f3490afcd3c218356fdc85e652139

                  SHA512

                  9190364f34adf8b492abc1540ac7032b37fedb1f3860a461214d5570987807f1d17c7f6742f79d73ba184302ba165c4bbf1fcc9bd1ce71fa1988baf526c8a320

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M61DDFBK\swflash[1].cab
                  Filesize

                  9KB

                  MD5

                  10dbf28ca1f45cfbfe6f126cea3533b2

                  SHA1

                  bad02224078b7a3222973451e5a6ddeebfc3f9ea

                  SHA256

                  d9681698d3b2f0cc329aca5f3071c68e832e59080303ee12d34f8feee1aea2e9

                  SHA512

                  e94743522d3c248920f7a5a52c94ed3f6543e2b37a27d3805cd20f5b02e2bce55e61c701207be7ff6c63eae48711a94554b32765d97655f01a846d8fc20a1cc5

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\CabE716.tmp
                  Filesize

                  5KB

                  MD5

                  12575bc8af97f3409fe01045e218afda

                  SHA1

                  8938c52bb204c05bb1a34fdcc5730443f83bdd73

                  SHA256

                  7aa628b1c9b2a6db424fd0eec3199f1779467831ac8cf4d36495b902cec4d086

                  SHA512

                  978703b3456c2e82123da41c9ab0551d4ca3b78ae22a64fafd966eadb9f529e6ddff67bee426435d1388cfc745a753b3b5478ac1457e2834660a307802697398

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\ICD1.tmp\swflash64.inf
                  Filesize

                  218B

                  MD5

                  60c0b6143a14467a24e31e887954763f

                  SHA1

                  77644b4640740ac85fbb201dbc14e5dccdad33ed

                  SHA256

                  97ac49c33b06efc45061441a392a55f04548ee47dc48aa8a916de8d13dabec58

                  SHA512

                  7032669715c068de67d85d5d00f201ee84bb6edac895559b2a248509024d6ce07c0494835c8ee802dbdbe1bc0b1fb7f4a07417ef864c04ebfaa556663dfd7c7f

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\TarE758.tmp
                  Filesize

                  1KB

                  MD5

                  fa527dcd6b5eb05e72fc51570a2a6608

                  SHA1

                  3380c5ef74408265fba2f67e790636d0ad0a51cc

                  SHA256

                  4dc7a4a6cb3be2c334a27a49df89f18f8f91749fe6aa1cf28d548e0e0c75ce3d

                  SHA512

                  05c0e217c433949cab210102a26ca7f6a765515b228b217e25c7409408fc167b5a59a8494e1181284e9ec72849c90288f3a066faa284e29d871097ec76291a5a

                  Download Submit

                • \Users\Admin\AppData\Local\Temp\ICD1.tmp\FP_AX_CAB_INSTALLER64.exe
                  Filesize

                  14KB

                  MD5

                  9c163af9185447f13a61d040e188c739

                  SHA1

                  fab08e917803fefd0f2ae0f0566ee073bf42e562

                  SHA256

                  2534cd04719da95d5f3c462820efcabf06ebfa5946122a7d361144b5a84ae28b

                  SHA512

                  6273548360f3b42f5fadfd2433efacabced8ebab93c7096f9c0a533993ea4e6069bcab65fc25c439ad828edd377dea97072ad5af158e63bd4c630d4d61dee6ff

                  Download Submit