Analysis

  • max time kernel
    0s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    31-12-2023 05:15

General

  • Target

    sample.html

  • Size

    32KB

  • MD5

    1bc6a4a197b4cb60fb916067686aaa5e

  • SHA1

    07beda06d62e58495f4ea8b693e275b00a627bf6

  • SHA256

    1d8b5cfc2859694b8d0bf7ece470caf08422c17ab82887c2e01c46d8eddf78f1

  • SHA512

    4c339cfe2ffcb110e435c5d4c9a9906c884547c540fb3255f3667e9e055581831ce2ffe031b852093044258cc19f4481b05298e201c1d668e2200ccddfaa4038

  • SSDEEP

    384:SfzWvuJPUykOuTtV4wZndkhw+O4zZB9cWw7MIjeGSHYFpRyNINCsfynHtvBvQ4/:S7Wv+eQzWW+j/pRyNHlBvr/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
        PID:1804

    Network

    MITRE ATT&CK Enterprise v15

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

      Filesize

      344B

      MD5

      47531c7d7c5089e5c4a3035a3aae557f

      SHA1

      15f241ef275f62f6298a8dea77743446ced3e988

      SHA256

      7e504544262a3b31763b6b9c33fe07c9509ea779b6fc08c32065425a679f6c19

      SHA512

      77eca1d36807a2837ab8a22dfbccf2e0a56cf1f5cf7432eb52b64bef5ff9737f9b2dd89a1b9951117ac3dbce8103417d76c69557742b347dec21cd38a3508740

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVBRC7A9\erodouga0225[1].htm

      Filesize

      154B

      MD5

      cfbeaf604823f038b8b46f0ac862b98c

      SHA1

      7b9eb1dac48e74fa5f418bc456cb410f88b81d98

      SHA256

      20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

      SHA512

      c99bf4f1351efb28a74fa2504429875d9a63eb2d6a145a060ed487f83ff3a42b6c85d94165b960edca90aceec58d16a6ed37b25f44452bbacd7f5204c15c23cc