Overview

overview

1

Static

static

1

28c67a8ce5...a.html

windows7-x64

1

28c67a8ce5...a.html

windows10-2004-x64

1

Analysis

  • max time kernel
    128s
  • max time network
    160s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 04:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    28c67a8ce5fb0306d0ef8d7e2fdbb21a.html

  • Size

    153KB

  • MD5

    28c67a8ce5fb0306d0ef8d7e2fdbb21a

  • SHA1

    2861ce79fa69f2d216dea7750f7f953e58650a04

  • SHA256

    3b5a700dff8d7ce7c64347878f045b2d35421941b6bce73e3d3a6e0d66e0a93f

  • SHA512

    bc68bf60a23cf7d94228219f0cfe526e9644bacb3eef42b7c004d2f3e191ed0594c9314cbde0eb5778b5bddd17ce454e5afb58514a3ca5da4f1506d43fd49736

  • SSDEEP

    3072:2PVBTkZqkg3l/X94itXQFOmncnM/CGFtqfPLt3Bl/GQktItPL71K6jm/Uozs7tcf:2PPTkZqkg3l/X94itXxmncnM/CGFtqbG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\28c67a8ce5fb0306d0ef8d7e2fdbb21a.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          85fc8373a6b4aa2ef0d2afeb1e32ab17

          SHA1

          fae695cdf0517ea8e7052a7717562e907917313f

          SHA256

          c964e2bd53e153364a07f978ca91dc221647f9d89d5a60fdbc7340159870a69d

          SHA512

          07d5ce6ffe54720bd9e731673cd76effdfbe69a8bcb30d690cc87ffd19d9bd2355d9a17be1feefeb4ed027603756bb99b94bacfe8400317fa6409bebeaaef2be

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e7942b19f6899724fef0fff86497e65c

          SHA1

          424d14b3ced6e3faeeae620e7856e4015e1882a6

          SHA256

          8622607c80c2279ae51c16b4998723d3497b9a9c1d993b14eddb9e5ec169229e

          SHA512

          6c6576ee9e16d3ea5414848987364dc86280d7e35dbbbd5180497ea50a3d1bdc7369f29864d913621af0da1317aaff958dceed25b7c6deaef981c434186cae82

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0de476b5be6420feb9d89f36ac887f19

          SHA1

          6762defc4b0e7b5d78fc2b0957928a6101637b77

          SHA256

          2992b6aaf394d5ad2d0545bfff2af477e8f548826c920ad50dcd23468e419a4a

          SHA512

          2d947940afe5c5dc742f746b652f2f1b4f98c19d0532f8761e46f5dc33bd7067ae00d02304940afa35d7f3ac935c23c0841dc8515f1fef4a7d7a4e6eb438e406

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f6e80ab8c19d482282f7e225d55d9fa7

          SHA1

          c21e5d4391fe825da85da0e47212e15c9004346b

          SHA256

          696f0b0a4d3cc4c1c0fdc62f7203b85ed3da4bf9027e897e8ac69e099bb07929

          SHA512

          8809391ba142cbf4d109426e6e4e4794606c72302d7eae34681812939997b75cf39a806fb69d039171e07e71c90651271fc7530eea3e1b9a4228ef36cc332b8b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          48c6593af7cbe68364177a5269a2bd70

          SHA1

          b27b28490d5673e8d8f57a4d587d1e721a872b6b

          SHA256

          3a1d9b2fd56c540dd1a0c79263d82293e892e58191c674bfdefe476222238834

          SHA512

          0df6a543470f779ec8e8049513640d7a090125b9e651142c9251eef3781a1d1d63764fb0d947c793d6ee567c8a058e0224b2924cab9401b19f2a108a71942412

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          59fb9423e5034bfb32c20410f98818cb

          SHA1

          25ad0f2c10616994aca7d16b22256ae58bf6095e

          SHA256

          906e142d4d49042d106d434a17367ea3676d6bece075514ad3082674c98df6fc

          SHA512

          a9e4d62219da2a5d8b5c7431e3881232e501d0baffb76006ce1b0122d2417f33f7e0fad904d8cee494af10c630f03e012bf72826e35335c728fb5baa230a1532

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2bc29f3751d6b2af09b266cc21c3cc9c

          SHA1

          23e552361996d473496a204e30d5c3c81ba3f148

          SHA256

          bcb09e69b25accdcca99ef85533adb8ab19e849ce189fc1efed4e0b2054a6be6

          SHA512

          353a7339103612d5c621d0718e76014459734e4546590e223f6cab5d12c4b593de544fa1dc256c4d405ced29d1fe6ca35b5393926426b8508bbb6f5ccbdf1a5f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d05e1f26517adcb9b5c60164e4a09941

          SHA1

          2763c6b38733950279e78a855fa6d2e8bcec830b

          SHA256

          2da601325d0d47952aaa9635b33f1c5aa02e269b67a50ab88bf4749a771eb7f9

          SHA512

          5731e8cdb6e6260990a4801e0dc41d5326227cf32e04f76367f051305f60369498a1c236b25e17f4a7e5a72738d3cbcac9fcf1b3414c42c59305aeaca1102c25

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cdb141c1d01c4eee8be0fc26e7f966cd

          SHA1

          94c64dec7ac60817ab2e255f2d5ee5620d686ba6

          SHA256

          4d8ed5dd3acdbbb152f26b91bfbb456f4174bcd329afb9ebed41603fc4d75b46

          SHA512

          f8aa446de628790192568900e086f7e00eb413b9c489f7f6235af7fd2de968a29885a5e5d88cfb0ae1f8e24088bb35d42d26a01ec67cd3c1c6850210e6c9ae2c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          426b1a39179573816b9134a600fdf1df

          SHA1

          3eab7d69566df0220ca0bbc774911f2f382a5863

          SHA256

          e733f11239ad150e35c6f13d27f0bfc65450646069c06207c93106a29cd0c60f

          SHA512

          19af32fb372aade9c10f02e70c8a91853c6cc4b63f9a9dbb0ce3a6d704df9a9661b5e7193cfb337dcae234d5d1c1c89d20fd4dccad701cdb8dc585a2fc8db084

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          709712bef4cf553915050ed9f085bcea

          SHA1

          d790e7030f2422b49b22f9091583a9d593a6b2b2

          SHA256

          4a9f92b1ebb882e50fbe3d0d79b7978c4d880d39f0afbe037828579ea6cf91a9

          SHA512

          fb9bf1f4f85c853fe33c138067019ebc7d5127c15cdcd80859f7bb69f354de690cd2f55622b135acd04f3832219a7fa944086defc1fce7dd6deb3330a13bd009

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A89I98IL\478691279-postmessagerelay[1].js
          Filesize

          12KB

          MD5

          92169c8a0fbf6e404267d0705cdbdf42

          SHA1

          a5cd88b74ca5ced239cdbfb458fe25540d671f46

          SHA256

          dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

          SHA512

          8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A89I98IL\rpc_shindig_random[1].js
          Filesize

          17KB

          MD5

          f019fdda31635d2a31b151ad8ad56c7a

          SHA1

          6adcbec55f66ffaef83d9a134423aa98eb2a2189

          SHA256

          c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

          SHA512

          fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1CCB52I\plusone[1].js
          Filesize

          56KB

          MD5

          1944af3661da46249991197817b6cd8b

          SHA1

          f952df40ec79fafc7c798f37aff92878977376ed

          SHA256

          63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

          SHA512

          0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YV6H14B0\7NZPO0OV.js
          Filesize

          157B

          MD5

          67e216a27dda24bdcb086c2385b0cb99

          SHA1

          17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

          SHA256

          9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

          SHA512

          802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YV6H14B0\cb=gapi[2].js
          Filesize

          64KB

          MD5

          ee01651d160cfc55249d6011a3c45916

          SHA1

          79d6121df6575974ad21dafce33ec98e3f2f0a7f

          SHA256

          639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9

          SHA512

          8a39dfc1ff2c58ac106225976aafdaf7befc0a28903a0c65e2c272e1967c3336af2b477ec12604400bb8e16aecee6567c9cb9d157e3d54649e28b9b2f920432f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab83F1.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar84BF.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit