Overview

overview

1

Static

static

1

2c323f8060...7.html

windows7-x64

1

2c323f8060...7.html

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 06:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2c323f8060297f9f6140b593f9072d67.html

  • Size

    12KB

  • MD5

    2c323f8060297f9f6140b593f9072d67

  • SHA1

    1cce0f869a1defb8b949c53c519189dac10e52be

  • SHA256

    30fb23a17b652869ce2ae32b89fe0a5264939d517a1c352fcda6b3e564ea7997

  • SHA512

    ca701baff7b818985927426bda2a82303a887ddb455ef08a0a364a23eecac77d15d24da21a455083025d230453f9a165d8ba420249e12f79746a1a331d13fda0

  • SSDEEP

    384:pt8n0nC/SoWKt7vJX21U95kMg/hsGxGY+A:P82oWKt7vJ21U95kz/uGoYL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2c323f8060297f9f6140b593f9072d67.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    dec6be0c4f673a00008b3d257a0f57ec

    SHA1

    84dcd657ca2206bd5d0c7fa8d72b0fee7df021d6

    SHA256

    76c40ea0cf8cc6d85c3f02b386750263250da165d849275fbdb57e2c71be99ec

    SHA512

    8186bd8844991fdd295714005fd7a82ed4731e332bfd523299bba6d54d054b8e0ecaace1166b591bb0125113615094fb1264a8382e14c88711da7ada180c029c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3799.tmp
    Filesize

    64KB

    MD5

    69b8e2fe3bb7142b759bbc3bd3092cc2

    SHA1

    c55b032e44415d77a1a2f3f6c6c049b7cc32afd7

    SHA256

    d31cf766104ab57466eca8c74b0b1dc3f7729270b60df98dde747087ec3e8bb4

    SHA512

    c3b3ca6861a0e35822f0c5b6085f7fc1444b051548aec4362723d1b7a14b72cd832335ca29eea23ce8f9fb71f4ac76c6bf2b58a220722e7843461bf095970b7b

    Download Submit